CVE-2006-4181 — HIGH (10.0)

Vulnerability Description

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Gnu	Radius	1.2

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443PatchVendor Advisory
http://secunia.com/advisories/23087PatchVendor Advisory
http://security.gentoo.org/glsa/glsa-200612-17.xml
http://securitytracker.com/id?1017285Patch
http://www.securityfocus.com/bid/21303Patch
http://www.vupen.com/english/advisories/2006/4712
https://exchange.xforce.ibmcloud.com/vulnerabilities/30508
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443PatchVendor Advisory
http://secunia.com/advisories/23087PatchVendor Advisory
http://security.gentoo.org/glsa/glsa-200612-17.xml
http://securitytracker.com/id?1017285Patch
http://www.securityfocus.com/bid/21303Patch
http://www.vupen.com/english/advisories/2006/4712
https://exchange.xforce.ibmcloud.com/vulnerabilities/30508

FAQ

What is CVE-2006-4181?

CVE-2006-4181 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

How severe is CVE-2006-4181?

CVE-2006-4181 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-4181?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Radius.