Message-ID: <3FC39895.7080004@gentoo.org>
From: plasmaroo at gentoo.org (Tim Yamin)
Subject: GLSA 200311-04
-------------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200311-04
-------------------------------------------------------------------------------
Package : net-dialup/freeradius
Summary : FreeRADIUS heap exploit and NULL pointer dereference exploits
Date : 2003-11-23
Exploit : remote
Versions Affected : <= 0.9.2
Fixed Version : >= 0.9.3
Gentoo Bug ID : #33989
CVE : - None -
Priority : Normal
-------------------------------------------------------------------------------
SUMMARY:
========
FreeRADIUS versions below 0.9.3 are vulnerable to a heap exploit; however,
the attack code must be in the form of a valid RADIUS packet, which
limits the possible exploits.
Also corrected in the 0.9.3 release is another vulnerability which
causes the RADIUS server to de-reference a NULL pointer and crash when
an Access-Request packet with a Tunnel-Password is received.
Please see the announcement at:
http://www.securitytracker.com/alerts/2003/Nov/1008263.html
for more details regarding the issue.
SOLUTION:
=========
Users are encouraged to perform an 'emerge --sync' and upgrade the
package to the latest available version - 0.9.3 is available in portage
and is marked as stable.