CVE-2008-5284

NONECVSS 0.0

0.0

The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client (aka Radlogin) 4.0.20 and earlier, allows remote attackers to cause a denial of service (crash) via an HTTP Content-Length header with a negative value, which triggers a single byte overwrite of memory using a NULL terminator. NOTE: some of these details are obtained from third party information.

🔗 References (16)

cve@mitrehttp://aluigi.altervista.org/adv/emerdal-adv.txt
cve@mitrehttp://secunia.com/advisories/28846
cve@mitrehttp://www.iea-software.com/docs/Emerald5/changes.txt
cve@mitrehttp://www.iea-software.com/docs/Radius40/changes.txt
cve@mitrehttp://www.iea-software.com/docs/airmarshal1/changes.txt
cve@mitrehttp://www.securityfocus.com/archive/1/487810/100/200/threaded
cve@mitrehttp://www.securityfocus.com/bid/27701
cve@mitrehttp://www.vupen.com/english/advisories/2008/0484
af854a3a-2127-422b-91ae-364da2661108http://aluigi.altervista.org/adv/emerdal-adv.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28846
af854a3a-2127-422b-91ae-364da2661108http://www.iea-software.com/docs/Emerald5/changes.txt
af854a3a-2127-422b-91ae-364da2661108http://www.iea-software.com/docs/Radius40/changes.txt
af854a3a-2127-422b-91ae-364da2661108http://www.iea-software.com/docs/airmarshal1/changes.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/487810/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27701

Is Your Infrastructure Affected by CVE-2008-5284?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-5284

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-5284?