Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2021 Tenable Network Security, Inc.DEBIAN_DSA-1145.NASL
HistoryOct 14, 2006 - 12:00 a.m.

Debian DSA-1145-1 : freeradius - several vulnerabilities

2006-10-1400:00:00
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.
www.tenable.com
11
JSON

Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems :

  • CVE-2005-4745 A SQL injection vulnerability has been discovered in the rlm_sqlcounter module.

  • CVE-2005-4746 Multiple buffer overflows have been discovered, allowing denial of service.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1145. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(22687);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2005-4745", "CVE-2005-4746");
  script_xref(name:"DSA", value:"1145");

  script_name(english:"Debian DSA-1145-1 : freeradius - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several remote vulnerabilities have been discovered in freeradius, a
high-performance RADIUS server, which may lead to SQL injection or
denial of service. The Common Vulnerabilities and Exposures project
identifies the following problems :

  - CVE-2005-4745
    A SQL injection vulnerability has been discovered in the
    rlm_sqlcounter module.

  - CVE-2005-4746
    Multiple buffer overflows have been discovered, allowing
    denial of service."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2005-4745"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2005-4746"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2006/dsa-1145"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the freeradius packages.

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-4sarge3."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:freeradius");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/08/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"3.1", prefix:"freeradius", reference:"1.0.2-4sarge3")) flag++;
if (deb_check(release:"3.1", prefix:"freeradius-dialupadmin", reference:"1.0.2-4sarge3")) flag++;
if (deb_check(release:"3.1", prefix:"freeradius-iodbc", reference:"1.0.2-4sarge3")) flag++;
if (deb_check(release:"3.1", prefix:"freeradius-krb5", reference:"1.0.2-4sarge3")) flag++;
if (deb_check(release:"3.1", prefix:"freeradius-ldap", reference:"1.0.2-4sarge3")) flag++;
if (deb_check(release:"3.1", prefix:"freeradius-mysql", reference:"1.0.2-4sarge3")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxfreeradiusp-cpe:/a:debian:debian_linux:freeradius
debiandebian_linux3.1cpe:/o:debian:debian_linux:3.1

Related

openvas 4
osv 1
debian 1
cve 2
debiancve 2
ubuntucve 2
redhatcve 2
nessus 1
freebsd 1
openvas
openvas
Debian: Security Advisory (DSA-1145-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1145-1 (freeradius)
2008-01-17 00:00:00
FreeBSD Ports: freeradius, freeradius-mysql
2008-09-04 00:00:00
osv
osv
freeradius - several
2006-08-08 00:00:00
debian
debian
[SECURITY] [DSA 1145-1] New freeradius packages fix several vulnerabilities
2006-08-07 23:29:07
cve
cve
CVE-2005-4746
2005-12-31 05:00:00
CVE-2005-4745
2005-12-31 05:00:00
debiancve
debiancve
CVE-2005-4746
2005-12-31 05:00:00
CVE-2005-4745
2005-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2005-4746
2005-12-31 00:00:00
CVE-2005-4745
2005-12-31 00:00:00
redhatcve
redhatcve
CVE-2005-4746
2015-10-30 10:19:11
CVE-2005-4745
2015-10-30 10:19:05
nessus
nessus
FreeBSD : freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability (c110eda2-e995-11db-a944-0012f06707f0)
2007-04-19 00:00:00
freebsd
freebsd
freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability
2007-04-10 00:00:00
JSON
Related for DEBIAN_DSA-1145.NASL
openvas4osv1debian1cve2debiancve2ubuntucve2redhatcve2nessus1freebsd1