PT-2007-1565 · Freeradius · Freeradius

Published: 2007-01-05 · Updated: 2024-08-07 · CVE-2007-0080

CVSS v2.0: 6.6 (Medium)

Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FreeRadius versions 1.1.3 and earlier

Description

A buffer overflow in the SMB_Connect_Server function allows attackers to execute arbitrary code; the issue is related to the desthost field of an SMB_Handle_Type instance. The impact of this issue has been disputed, with the vendor stating that exploitation is limited to local administrators who have write access to the server configuration files.

Recommendations

For FreeRadius versions 1.1.3 and earlier, consider restricting access to the server configuration files to minimize the risk of exploitation. As a temporary workaround, limit write access to these files to only the administrators who need it. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-0080

Affected Products

Freeradius