David Luyer

Name of the Vulnerable Software and Affected Versions: Clam AntiVirus (ClamAV) versions prior to 0.88.1 Description: The issue allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access." Recommendations: For versions prior to 0.88.1, update to version 0.88.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Cistron RADIUS daemon (radiusd-cistron) versions 1.6.6 and earlier Description: The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an `NAS-Port` attribute. This attribute is interpreted as a negative number, causing a buffer overflow. Recommendations: For versions 1.6.6 and earlier, update to a version later than 1.6.6 to resolve the issue. As a temporary workaround, consider restricting access to the `NAS-Port` attribute to minimize the risk of exploitation.