Your submission was sent successfully! Close

CVE-2015-8764

Published: 27 March 2017

Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.

Priority

Medium

CVSS 3 base score: 8.1

Status

Package Release Status
freeradius
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage

vivid Not vulnerable

wily Not vulnerable

Notes

AuthorNote
sbeattie
according to upstream, EAP-PWD not enabled by default
mdeslaur
3.0+ only

References

Bugs