Unrated severityNVD Advisory· Published Nov 28, 2006· Updated Apr 23, 2026

CVE-2006-4181

Description

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

Affected products

GNU/Radius2 versions
cpe:2.3:a:gnu:radius:1.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gnu:radius:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:radius:1.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

labs.idefense.com/intelligence/vulnerabilities/display.phpnvdPatchVendor Advisory
secunia.com/advisories/23087nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.securityfocus.com/bid/21303nvdPatch
security.gentoo.org/glsa/glsa-200612-17.xmlnvd
www.vupen.com/english/advisories/2006/4712nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30508nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000