CVE-2005-1454

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2005-1454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2005-1454.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2005-1454
Related
Published
2005-05-19T04:00:00Z
Modified
2024-11-20T23:57:23Z
Summary
[none]
Details

SQL injection vulnerability in the radiusxlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) groupmembershipquery, (2) simulcountquery, or (3) simulverify_query configuration entries.

References

Affected packages

Debian:11 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}