Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2009-1451

Опубликовано: 17 сент. 2009
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2009-1451: freeradius security update (MODERATE)

[1.1.3-1.5]

  • Security: Fix Tunnel-Password zero-length attributes flaw (bug #521912) Resolves: RH BZ#522062
  • rebase a couple of old patches (freeradius-0.9.0-com_err.patch, freeradius-1.0.0-samba3.patch) so they apply with fuzz=0

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

freeradius

1.1.3-1.5.el5_4

freeradius-mysql

1.1.3-1.5.el5_4

freeradius-postgresql

1.1.3-1.5.el5_4

freeradius-unixODBC

1.1.3-1.5.el5_4

Oracle Linux x86_64

freeradius

1.1.3-1.5.el5_4

freeradius-mysql

1.1.3-1.5.el5_4

freeradius-postgresql

1.1.3-1.5.el5_4

freeradius-unixODBC

1.1.3-1.5.el5_4

Oracle Linux i386

freeradius

1.1.3-1.5.el5_4

freeradius-mysql

1.1.3-1.5.el5_4

freeradius-postgresql

1.1.3-1.5.el5_4

freeradius-unixODBC

1.1.3-1.5.el5_4

Связанные CVE

CVE-2009-3111

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2009-3111

ubuntu
почти 16 лет назад

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.

redhat логотип

CVE-2009-3111

redhat
почти 16 лет назад

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.

nvd логотип

CVE-2009-3111

nvd
почти 16 лет назад

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.

debian логотип

CVE-2009-3111

debian
почти 16 лет назад

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attac ...

github логотип

GHSA-q2fp-fcx5-hff3

github
около 3 лет назад

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.