Denial of Service Vulnerability in FreeRADIUS 2.1.x

Denial of Service Vulnerability in FreeRADIUS 2.1.x

CVE-2010-3697 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests.

Learn more about our Web Application Penetration Testing UK.