freeradius: denial of service
| Package(s): | freeradius |
CVE #(s): | CVE-2003-0967
CVE-2009-3111
|
| Created: | September 10, 2009 |
Updated: | January 11, 2010 |
| Description: |
From the Mandriva alert:
The rad_decode function in FreeRADIUS before 1.1.8 allows remote
attackers to cause a denial of service (radiusd crash) via zero-length
Tunnel-Password attributes. NOTE: this is a regression error related
to CVE-2003-0967 (CVE-2009-3111). |
| Alerts: |
| Mandriva |
MDVSA-2009:227-1 |
freeradius |
2010-01-11 |
| Ubuntu |
USN-832-1 |
freeradius |
2009-09-16 |
| Red Hat |
RHSA-2009:1451-01 |
freeradius |
2009-09-17 |
| SuSE |
SUSE-SR:2009:018 |
cyrus-imapd, neon/libneon, freeradius, strongswan, openldap2, apache2-mod_jk, expat, xpdf, mozilla-nspr |
2009-11-10 |
| Mandriva |
MDVSA-2009:226 |
freeradius |
2009-09-10 |
| CentOS |
CESA-2009:1451 |
freeradius |
2009-10-30 |
| SuSE |
SUSE-SR:2009:016 |
silc-toolkit, open-iscsi, strongswan,freeswan,openswan, mutt, openldap2, cyrus-imapd, java-1_6_0-openjdk, postgresql, IBMJava2-JRE/java-1_4_2-ibm, wireshark, freeradius, dovecot |
2009-10-13 |
|
