Описание
ELSA-2024-4936: freeradius:3.0 security update (IMPORTANT)
[3.0.20-15]
- Backport BlastRADIUS CVE fix Resolves: RHEL-46572
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module freeradius:3.0 is enabled
freeradius
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-devel
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-doc
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-krb5
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-ldap
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-mysql
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-perl
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-postgresql
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-rest
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-sqlite
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-unixODBC
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-utils
3.0.20-15.module+el8.10.0+90375+641abe33
python3-freeradius
3.0.20-15.module+el8.10.0+90375+641abe33
Oracle Linux x86_64
Module freeradius:3.0 is enabled
freeradius
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-devel
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-doc
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-krb5
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-ldap
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-mysql
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-perl
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-postgresql
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-rest
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-sqlite
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-unixODBC
3.0.20-15.module+el8.10.0+90375+641abe33
freeradius-utils
3.0.20-15.module+el8.10.0+90375+641abe33
python3-freeradius
3.0.20-15.module+el8.10.0+90375+641abe33
Связанные CVE
Связанные уязвимости
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a ...