Уязвимость CVE-2019-11235

Пакет	Статус	Версия исправления	Релиз	Тип
freeradius	fixed	3.0.17+dfsg-1.1		package
freeradius	no-dsa		stretch	package
freeradius	not-affected		jessie	package

CVE-2019-11235

CVSS3: 9.8

ubuntu

почти 7 лет назад

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

CVE-2019-11235

CVSS3: 8.1

redhat

почти 7 лет назад

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

CVE-2019-11235

CVSS3: 9.8

nvd

почти 7 лет назад

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

GHSA-qx2m-p74g-xjwh

CVSS3: 9.8

github

больше 3 лет назад

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

BDU:2020-01576

CVSS3: 9.8

fstec

почти 7 лет назад

Уязвимость RADIUS-сервера FreeRADIUS, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

exploitDog

CVE-2019-11235

Описание

Пакеты

Примечания

Связанные уязвимости