Download
| Alert*
|
oval:org.secpod.oval:def:89044716
This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2017-10981: DHCP - Fix memory leak in fr_dhcp_decode. - CVE-2017-10982: Fix buffer over-read in fr_dhcp_decode_options. - CVE-2017-10983: Fix read overflow when decoding option 63. - CVE-2017-10978: Fix rea ... oval:org.secpod.oval:def:204541 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attribute ... oval:org.secpod.oval:def:703730 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:1600745 Out-of-bounds read in fr_dhcp_decode_options:An out-of-bounds read flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request. Out-of-bounds read in fr_dhcp_decode when ... oval:org.secpod.oval:def:53113 Guido Vranken discovered that FreeRADIUS, an open source implementation of RADIUS, the IETF protocol for AAA , did not properly handle memory when processing packets. This would allow a remote attacker to cause a denial-of-service by application crash, or potentially execute arbitrary code. All thos ... oval:org.secpod.oval:def:51857 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:603047 Guido Vranken discovered that FreeRADIUS, an open source implementation of RADIUS, the IETF protocol for AAA , did not properly handle memory when processing packets. This would allow a remote attacker to cause a denial-of-service by application crash, or potentially execute arbitrary code. All thos ... oval:org.secpod.oval:def:1501931 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502068 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attribute ... |
