oss-sec mailing list archives

FreeRadius 1.1.7 CVE-2009-4481 being duplicate of CVE-2009-3111

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 11 Jan 2010 10:17:23 +0100

Hello Steve, Alan, Evgeny, vendors,

  this is due:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4481 being dupe CVE of
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111

This was already discussed here:
    http://www.openwall.com/lists/oss-security/2009/09/09/1
    http://www.openwall.com/lists/oss-security/2009/09/09/4
    http://www.openwall.com/lists/oss-security/2009/09/09/5

Alan has confirmed in his reply with Message ID: <4AA7EFB6.5070609 () freeradius org>
(you should have it in you mbox, oss-security wasn't Cc-ed there), that it is the
same issue, as mentioned on intervydis.com.

And also Evgeny was so kind and updated intevydis.com page [1] to reflect
CVE-2009-3111 for FreeRADIUS DoS:

[1] http://intevydis.com/vd-list.shtml

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

FreeRadius 1.1.7 CVE-2009-4481 being duplicate of CVE-2009-3111 Jan Lieskovsky (Jan 11)
- Re: FreeRadius 1.1.7 CVE-2009-4481 being duplicate of CVE-2009-3111 Steven M. Christey (Jan 12)