Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-4966HistoryMar 12, 2013 - 11:55 p.m.
CVE-2011-4966
2013-03-1223:55:00
Debian Security Bug Tracker
security-tracker.debian.org
7
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.7%
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | freeradius | < 2.1.12+dfsg-1.2 | freeradius_2.1.12+dfsg-1.2_all.deb |
| Debian | 11 | all | freeradius | < 2.1.12+dfsg-1.2 | freeradius_2.1.12+dfsg-1.2_all.deb |
| Debian | 10 | all | freeradius | < 2.1.12+dfsg-1.2 | freeradius_2.1.12+dfsg-1.2_all.deb |
| Debian | 999 | all | freeradius | < 2.1.12+dfsg-1.2 | freeradius_2.1.12+dfsg-1.2_all.deb |
| Debian | 13 | all | freeradius | < 2.1.12+dfsg-1.2 | freeradius_2.1.12+dfsg-1.2_all.deb |
Related
openvas
openvas
RedHat Update for freeradius2 RHSA-2013:0134-01
2013-01-11 00:00:00
RedHat Update for freeradius2 RHSA-2013:0134-01
2013-01-11 00:00:00
CentOS Update for freeradius2 CESA-2013:0134 centos5
2013-01-21 00:00:00
veracode
veracode
Authentication Bypass
2019-01-15 08:50:49
ubuntucve
ubuntucve
CVE-2011-4966
2013-03-12 00:00:00
prion
prion
Design/Logic Flaw
2013-03-12 23:55:00
nessus
nessus
openSUSE Security Update : freeradius-server (openSUSE-SU-2013:0137-1)
2014-06-13 00:00:00
RHEL 5 : freeradius2 (RHSA-2013:0134)
2013-01-08 00:00:00
redhat
redhat
(RHSA-2013:0134) Low: freeradius2 security and bug fix update
2013-01-08 00:00:00
cve
cve
CVE-2011-4966
2013-03-12 23:55:00
centos
centos
freeradius2 security update
2013-01-09 19:53:35
cbl_mariner
cbl_mariner
CVE-2011-4966 affecting package freeradius 3.2.3-2
2024-05-05 03:07:45
securityvulns
securityvulns
[USN-2122-1] FreeRADIUS vulnerabilities
2014-02-28 00:00:00
FreeRADIUS security vulnerabilities
2014-02-28 00:00:00
oraclelinux
oraclelinux
freeradius2 security and bug fix update
2013-01-11 00:00:00
ubuntu
ubuntu
FreeRADIUS vulnerabilities
2014-02-26 00:00:00
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.7%
Related for DEBIANCVE:CVE-2011-4966