CVE-2010-3696

Name of the Vulnerable Software and Affected Versions FreeRADIUS version 2.1.9

Description The issue is related to the fr dhcp decode function in lib/dhcp.c, which does not properly handle the DHCP Relay Agent Information option in certain non-default builds. This can be exploited by remote attackers to cause a denial of service, resulting in an infinite loop and daemon outage, via a packet that contains more than one sub-option.

Recommendations For FreeRADIUS version 2.1.9, consider applying a patch or fix that properly handles the DHCP Relay Agent Information option to prevent the denial of service. As a temporary workaround, restrict access to the fr dhcp decode function until a patch is available.