Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30508
http://www.vupen.com/english/advisories/2006/4712
http://www.securityfocus.com/bid/21303
http://securitytracker.com/id?1017285
http://security.gentoo.org/glsa/glsa-200612-17.xml
http://secunia.com/advisories/23087
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443