oss-sec mailing list archives
Re: CVE request: vulnerability in FreeRADIUS (OCSP)
From: dfncert () dfn-cert de
Date: Mon, 18 Jul 2011 10:47:50 +0200
On Fri, Jul 15, 2011 at 11:18:49AM -0600, Vincent Danen wrote:
A patch was proposed to the packet maintainer.This is pretty light on the details. Any references to supply or an actual description of the problem?
The implemented procedure does not verify the status of the certificate. For instance, if the certificate has been revoked.
Link to upstream fixes, emails, bugs, whatever?
We are not aware of any upstream fix. -- DFN-CERT Services GmbH, https://www.dfn-cert.de/, Phone +49 40 808077-555 Sitz/Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737 Sachsenstraße 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Attachment:
_bin
Description:
Current thread:
- CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 15)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Vincent Danen (Jul 15)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Ludwig Nussel (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Stefan Behte (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 19)
- *BSD security contacts (was: CVE request: vulnerability in FreeRADIUS (OCSP)) Solar Designer (Jul 19)
- Re: *BSD security contacts (was: CVE request: vulnerability in FreeRADIUS (OCSP)) Tim Zingelman (Jul 21)
- Re: *BSD security contacts Solar Designer (Jul 21)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Vincent Danen (Jul 15)