Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-3111

EPSS 17.90% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3111

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
FreeRADIUS src/lib/radius.c 'rad_decode()'拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FreeRadius是一款使用RADIUS协议的开放源代码验证和帐户系统。 FreeRadius的src/lib/radius.c文件的rad_decode()函数在解码畸形报文时存在拒绝服务漏洞。远程攻击者可以通过向radiusd守护程序发送带有0长度Tunnel-Password属性的畸形Access-Request报文导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-3111

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-3111

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-09-09 · 24 CVEs total

CVE-2009-3124Ipmotor QuarkMail 'get_message.cgi'路径遍历漏洞
CVE-2009-2266oxid eshop 敏感信息泄露漏洞
CVE-2008-7191Pps.Jussieu Polipo未明漏洞
CVE-2008-7190Adium 未明漏洞
CVE-2008-7189Bastian_Blumentritt Local Media Browser 多个未明漏洞
CVE-2008-7188ClipShare 'siteadmin/useredit.php' 权限限制和访问控制漏洞
CVE-2008-7187Coppermine Photo Gallery 脚本include/slideshow.inc.php信息泄露漏洞
CVE-2008-7186Coppermine Photo Gallery 'update.php' 权限许可和访问控制漏洞
CVE-2009-3113OXID eShop 未明漏洞
CVE-2009-3112Oxidforge OXID eShop未明安全漏洞
CVE-2008-7193PHPKIT 跨站请求伪造漏洞
CVE-2008-7192WoltLab Burning Board 脚本index.php 跨站请求伪造漏洞
CVE-2009-2205Apple Java Update 'Java Web Start'缓冲区溢出漏洞
CVE-2009-3123Visavi Wap-Motor gallery/gallery.php路径遍历漏洞
CVE-2009-3122Drupal Ajax Table权限许可和访问控制漏洞
CVE-2009-3121Drupal Ajax Table跨站脚本攻击漏洞
CVE-2009-3120BIGACE Web CMS 'public/index.php'跨站脚本攻击漏洞
CVE-2009-3119X-Iweb.Ru Download System mSF SQL注入漏洞
CVE-2009-3118Danneo CMS 'mod/poll/comment.php' SQL注入漏洞
CVE-2009-3117snowhall silurus_system 脚本category.php SQL注入漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-3111

No comments yet

Leave a comment