CVE-2003-0968

Name of the Vulnerable Software and Affected Versions FreeRADIUS versions 0.9.3 and earlier

Description A stack-based buffer overflow issue exists in the SMB Logon Server of the rlm smb experimental module, allowing remote attackers to execute arbitrary code via a long User-Password attribute.

Recommendations For FreeRADIUS versions 0.9.3 and earlier, consider upgrading to a version that is not affected by this issue, as no specific fix is provided for these versions. As a temporary workaround, consider restricting access to the SMB Logon Server function until a patch is available. Avoid using long User-Password attributes in the affected module to minimize the risk of exploitation.