Medium: freeradius

2012-10-0810:40:00

alas.aws.amazon.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON

Issue Overview:

A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods (such as EAP-TLS, EAP-TTLS, and PEAP). (CVE-2012-3547)

Affected Packages:

freeradius

Issue Correction:
Run yum update freeradius to update your system.

New Packages:

i686:  
    freeradius-perl-2.1.12-4.11.amzn1.i686  
    freeradius-utils-2.1.12-4.11.amzn1.i686  
    freeradius-ldap-2.1.12-4.11.amzn1.i686  
    freeradius-unixODBC-2.1.12-4.11.amzn1.i686  
    freeradius-postgresql-2.1.12-4.11.amzn1.i686  
    freeradius-python-2.1.12-4.11.amzn1.i686  
    freeradius-mysql-2.1.12-4.11.amzn1.i686  
    freeradius-2.1.12-4.11.amzn1.i686  
    freeradius-krb5-2.1.12-4.11.amzn1.i686  
    freeradius-debuginfo-2.1.12-4.11.amzn1.i686  
  
src:  
    freeradius-2.1.12-4.11.amzn1.src  
  
x86_64:  
    freeradius-postgresql-2.1.12-4.11.amzn1.x86_64  
    freeradius-mysql-2.1.12-4.11.amzn1.x86_64  
    freeradius-ldap-2.1.12-4.11.amzn1.x86_64  
    freeradius-debuginfo-2.1.12-4.11.amzn1.x86_64  
    freeradius-unixODBC-2.1.12-4.11.amzn1.x86_64  
    freeradius-utils-2.1.12-4.11.amzn1.x86_64  
    freeradius-perl-2.1.12-4.11.amzn1.x86_64  
    freeradius-krb5-2.1.12-4.11.amzn1.x86_64  
    freeradius-python-2.1.12-4.11.amzn1.x86_64  
    freeradius-2.1.12-4.11.amzn1.x86_64

Additional References

Red Hat: CVE-2012-3547

Mitre: CVE-2012-3547

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686freeradius-perl< 2.1.12-4.11.amzn1freeradius-perl-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-utils< 2.1.12-4.11.amzn1freeradius-utils-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-ldap< 2.1.12-4.11.amzn1freeradius-ldap-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-unixodbc< 2.1.12-4.11.amzn1freeradius-unixODBC-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-postgresql< 2.1.12-4.11.amzn1freeradius-postgresql-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-python< 2.1.12-4.11.amzn1freeradius-python-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-mysql< 2.1.12-4.11.amzn1freeradius-mysql-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius< 2.1.12-4.11.amzn1freeradius-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-krb5< 2.1.12-4.11.amzn1freeradius-krb5-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux1i686freeradius-debuginfo< 2.1.12-4.11.amzn1freeradius-debuginfo-2.1.12-4.11.amzn1.i686.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	i686	freeradius-perl	< 2.1.12-4.11.amzn1	freeradius-perl-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-utils	< 2.1.12-4.11.amzn1	freeradius-utils-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-ldap	< 2.1.12-4.11.amzn1	freeradius-ldap-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-unixodbc	< 2.1.12-4.11.amzn1	freeradius-unixODBC-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-postgresql	< 2.1.12-4.11.amzn1	freeradius-postgresql-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-python	< 2.1.12-4.11.amzn1	freeradius-python-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-mysql	< 2.1.12-4.11.amzn1	freeradius-mysql-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius	< 2.1.12-4.11.amzn1	freeradius-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-krb5	< 2.1.12-4.11.amzn1	freeradius-krb5-2.1.12-4.11.amzn1.i686.rpm
Amazon Linux	1	i686	freeradius-debuginfo	< 2.1.12-4.11.amzn1	freeradius-debuginfo-2.1.12-4.11.amzn1.i686.rpm