OSVDB ID: 12139 Title: YardRadius process_menu() Function Remote Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
A remote overflow exists in YardRadius. The process_menu() function contains a boundary error resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution with root privileges resulting in a loss of integrity. |
Classification |
Location:
Remote/Network Access Required
Attack Type: Input Manipulation Impact: Loss of Integrity Exploit: Exploit Unknown Disclosure: OSVDB Verified |
Solution |
Upgrade to version 1.0.21 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
References |
|
Credit |
|