Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:609
HistoryNov 12, 2004 - 12:00 a.m.

(RHSA-2004:609) freeradius security update

2004-11-1200:00:00
access.redhat.com
16

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.932 High

EPSS

Percentile

98.8%

JSON

FreeRADIUS is a high-performance and highly configurable free RADIUS server
designed to allow centralized authentication and authorization for a network.

A number of flaws were found in FreeRADIUS versions prior to 1.0.1. An
attacker who is able to send packets to the server could construct
carefully constructed packets in such a way as to cause the server to
consume memory or crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CAN-2004-0938, CAN-2004-0960, and
CAN-2004-0961 to these issues.

Users of FreeRADIUS should update to these erratum packages that contain
FreeRADIUS 1.0.1, which is not vulnerable to these issues and also corrects
a number of bugs.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64freeradius< 1.0.1-1.RHEL3freeradius-1.0.1-1.RHEL3.ia64.rpm

Related

nessus 3
openvas 6
freebsd 1
gentoo 1
suse 2
debiancve 3
checkpoint_advisories 2
ubuntucve 1
cve 3
cert 1
nessus
nessus
RHEL 3 : freeradius (RHSA-2004:609)
2004-11-13 00:00:00
GLSA-200409-29 : FreeRADIUS: Multiple Denial of Service vulnerabilities
2004-09-23 00:00:00
FreeBSD : freeradius -- denial-of-service vulnerability (20dfd134-1d39-11d9-9be9-000c6e8f12ef)
2005-07-13 00:00:00
openvas
openvas
SLES9: Security update for freeradius
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200409-29 (FreeRADIUS)
2008-09-24 00:00:00
FreeBSD Ports: freeradius
2008-09-04 00:00:00
freebsd
freebsd
freeradius -- denial-of-service vulnerability
2004-09-20 00:00:00
gentoo
gentoo
FreeRADIUS: Multiple Denial of Service vulnerabilities
2004-09-22 00:00:00
suse
suse
remote system compromise in xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups
2004-10-26 10:45:14
local privilege escalation in libtiff
2004-10-22 14:52:41
debiancve
debiancve
CVE-2004-0938
2004-11-03 05:00:00
CVE-2004-0961
2005-02-09 05:00:00
CVE-2004-0960
2005-02-09 05:00:00
checkpoint_advisories
checkpoint_advisories
FreeRADIUS Illegal Attributes Denial of Service - ver 2 (CVE-2004-0938)
2014-05-08 00:00:00
FreeRADIUS Illegal Attributes Denial of Service (CVE-2004-0938)
2009-12-08 00:00:00
ubuntucve
ubuntucve
CVE-2004-0938
2004-11-03 00:00:00
cve
cve
CVE-2004-0938
2004-11-03 05:00:00
CVE-2004-0961
2005-02-09 05:00:00
CVE-2004-0960
2005-02-09 05:00:00
cert
cert
freeRADIUS Server vulnerable to a denial-of-service attack
2004-10-06 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.932 High

EPSS

Percentile

98.8%

JSON
Related for RHSA-2004:609
nessus3openvas6freebsd1gentoo1suse2debiancve3checkpoint_advisories2ubuntucve1cve3cert1