[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2012:1327-01 -- Redhat freeradius2

ID: oval:org.secpod.oval:def:500900Date: (C)2012-11-02   (M)2023-12-07
Class: PATCHFamily: unix




FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods . Red Hat would like to thank Timo Warns of PRESENSE Technologies GmbH for reporting this issue. Users of FreeRADIUS are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, radiusd will be restarted automatically.

Platform:
Red Hat Enterprise Linux 5
Product:
freeradius2
Reference:
RHSA-2012:1327-01
CVE-2012-3547
CVE    1
CVE-2012-3547
CPE    2
cpe:/o:redhat:enterprise_linux:5
cpe:/a:freeradius2:freeradius2

© SecPod Technologies