oss-sec mailing list archives

CVE request: vulnerability in FreeRADIUS (OCSP)

From: dfncert () dfn-cert de
Date: Fri, 15 Jul 2011 15:13:02 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is a vulnerability in the recently introduced OCSP feature in
FreeRADIUS version 2.1.11.

A patch was proposed to the packet maintainer.

Thanks.

- -- 
DFN-CERT Services GmbH, https://www.dfn-cert.de/, Phone +49 40 808077-555
Sitz/Register: Hamburg,  AG Hamburg,  HRB 88805,  Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany,  CEO: Dr. Klaus-Peter Kossakowski
-----BEGIN PGP SIGNATURE-----

iQEVAwUBTiA83fNu3tfxLoPHAQJ4SAf/UVCeXlAojFxccVgLygyZFRboX2hPjeOF
b5OAyUWSi7Uh9O/NFpyUi/JErQI6Z2QYHnp0gnEWLMN/q3SJe6nnrH7EunNexUvx
cNAwASJoZS+JXpG9Q33oSLPeAkZ3jO6VgAy5dMQVFLDR0KV7y+1BW93v2yazzeXP
7vj7+umns4n5mr6/xEi4LXWTuVMvY0WEe3DFvZ21Sj3mxz07VvKp2/NU+LKOGVzT
76Zt2oJYb5bq3f8HP6Rrg62wY8bQPS2tNBj6MWieWh7Zf7GrwdmdaX4dqwk7Q+X/
OMN0+NYJLEGVlVayDcV6Dj/hDOQW2m2LRf7uwm//6qj0cwqqoZkyCw==
=o4QW
-----END PGP SIGNATURE-----

Current thread:

CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 15)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Vincent Danen (Jul 15)
  - Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Ludwig Nussel (Jul 18)
  - Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
    - Re: CVE request: vulnerability in FreeRADIUS (OCSP) Stefan Behte (Jul 18)
    - Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 18)
    - Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 18)
    - Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 19)
    - Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 19)
    - *BSD security contacts (was: CVE request: vulnerability in FreeRADIUS (OCSP)) Solar Designer (Jul 19)

(Thread continues...)