{"id":"CVE-2004-0960","details":"FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.","modified":"2026-04-10T03:36:28.723627Z","published":"2005-02-09T05:00:00Z","references":[{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200409-29.xml"},{"type":"ADVISORY","url":"http://www.kb.cert.org/vuls/id/541574"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/11222"},{"type":"FIX","url":"http://www.securityfocus.com/bid/11222"},{"type":"WEB","url":"http://www.kb.cert.org/vuls/id/541574"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"}],"schema_version":"1.7.5"}