FreeRADIUS exec.c Arbitrary File Descriptor Access

2005-09-09T03:29:51
ID OSVDB:19329
Type osvdb
Reporter OSVDB
Modified 2005-09-09T03:29:51

Description

Technical Description

An attacker must supply valid RADIUS server administrator authentication credentials in order to exploit this vulnerability.

It should be noted: "If an attacker can access open FD's in the executed program, they can write to any program on the system, in which case there are very many other, and worse, things that they can do."

Solution Description

Upgrade to version 1.0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.freeradius.org/security/20050909-response-to-suse.txt
Vendor Specific Advisory URL
Related OSVDB ID: 19327
Related OSVDB ID: 19326
Related OSVDB ID: 19328
Related OSVDB ID: 19330