CVE-2004-0849 Information

Description

Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94 when compiled with the –enable-snmp option allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.

Reference

http://lists.gnu.org/archive/html/info-gnu-radius/2004-09/msg00000.html http://www.idefense.com/application/poi/display?id=141&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/17391