CVE-2005-4744

Name of the Vulnerable Software and Affected Versions FreeRADIUS versions 1.0.2.5-5 through 1.0.4

Description The issue is related to an off-by-one error in the sql error function, which might allow remote attackers to cause a denial of service or possibly execute arbitrary code by causing the external database query to fail.

Recommendations For FreeRADIUS versions 1.0.2.5-5 through 1.0.4, consider restricting access to the sql error function in sql unixodbc.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.