Multiple Format String Vulnerabilities in YARD RADIUS 1.1.2

Multiple Format String Vulnerabilities in YARD RADIUS 1.1.2

CVE-2013-4147 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in a request in the (1) log_msg function in log.c or (2) version or (3) build_version function in version.c.

Learn more about our Web Application Penetration Testing UK.