Full Disclosure mailing list archives
GLSA 200311-04
From: Tim Yamin <plasmaroo () gentoo org>
Date: Tue, 25 Nov 2003 17:59:49 +0000
-------------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200311-04
-------------------------------------------------------------------------------
Package : net-dialup/freeradius
Summary : FreeRADIUS heap exploit and NULL pointer dereference exploits
Date : 2003-11-23
Exploit : remote
Versions Affected : <= 0.9.2
Fixed Version : >= 0.9.3
Gentoo Bug ID : #33989
CVE : - None -
Priority : Normal
-------------------------------------------------------------------------------
SUMMARY:
========
FreeRADIUS versions below 0.9.3 are vulnerable to a heap exploit;
however, the attack code must be in the form of a valid RADIUS packet,
which limits the possible exploits.
Also corrected in the 0.9.3 release is another vulnerability which
causes the RADIUS server to de-reference a NULL pointer and crash when
an Access-Request packet with a Tunnel-Password is received.
Please see the announcement at
http://www.securitytracker.com/alerts/2003/Nov/1008263.html
for more details regarding the issue.
SOLUTION:
=========
Users are encouraged to perform an 'emerge --sync' and upgrade the
package to the latest available version - 0.9.3 is available in portage
and is marked as stable.
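
The following is an added example, not part of the original announcement and not FreeRADIUS or Gentoo code: a strict RADIUS datagram parser that flags an Access-Request carrying a Tunnel-Password attribute, the condition named in the summary, and rejects packets whose length fields do not add up. The packet code 1 and attribute type 69 come from RFC 2865 and RFC 2868 (which allows Tunnel-Password only in Access-Accept); the function names and sample packets are assumptions made for illustration.

```python
import struct

ACCESS_REQUEST = 1    # packet code, RFC 2865
TUNNEL_PASSWORD = 69  # attribute type, RFC 2868
HEADER_LEN = 20       # code, identifier, length, 16-byte authenticator


def parse_radius(datagram: bytes):
    """Return (code, identifier, [(attr_type, value), ...]) or raise ValueError."""
    if len(datagram) < HEADER_LEN:
        raise ValueError("shorter than the RADIUS header")
    code, ident, length = struct.unpack("!BBH", datagram[:4])
    if not HEADER_LEN <= length <= 4096 or length > len(datagram):
        raise ValueError("bad packet length field")
    attrs, pos = [], HEADER_LEN
    while pos < length:
        if length - pos < 2:
            raise ValueError("truncated attribute header")
        attr_type, attr_len = datagram[pos], datagram[pos + 1]
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("attribute length out of bounds")
        attrs.append((attr_type, datagram[pos + 2:pos + attr_len]))
        pos += attr_len
    return code, ident, attrs


def classify(datagram: bytes) -> str:
    """Label one datagram 'malformed', 'suspicious' or 'ok'."""
    try:
        code, _ident, attrs = parse_radius(datagram)
    except ValueError:
        return "malformed"
    if code == ACCESS_REQUEST and any(t == TUNNEL_PASSWORD for t, _ in attrs):
        return "suspicious"
    return "ok"


def build(code: int, attrs) -> bytes:
    """Assemble a sample packet with a zeroed authenticator (demo helper)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", code, 1, HEADER_LEN + len(body)) + bytes(16) + body


# Constructed samples, not captured traffic; attribute values are placeholders.
SAMPLES = {
    "plain request": build(1, [(1, b"alice")]),
    "request with attribute 69": build(1, [(1, b"alice"), (69, bytes(5))]),
    "accept with attribute 69": build(2, [(69, bytes(5))]),
    "attribute length below 2": build(1, [])[:2] + b"\x00\x16" + bytes(16) + b"\x01\x01",
}
```

Calling `classify()` on each entry of `SAMPLES` labels only the Access-Request with attribute 69 as suspicious and the packet with the undersized attribute as malformed.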
