Your submission was sent successfully! Close

CVE-2015-8762

Published: 27 March 2017

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.

Priority

Low

CVSS 3 base score: 5.9

Status

Package Release Status
freeradius
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage

vivid Not vulnerable

wily Not vulnerable

Notes

AuthorNote
sbeattie
EAP-PWD module not enabled in default configuration
mdeslaur
3.0+ only

References

Bugs