Oracle: Security Advisory (ELSA-2012-1326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : freeradius (openSUSE-SU-2012:1200-1)

This update of freeradius fixes a stack overflow in TLS handling, which can be exploited by remote attackers able to access Radius to execute code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

Fedora 17 : freeradius-2.2.0-0.fc17 (2012-15397)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow by processing This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from...

Fedora Update for freeradius FEDORA-2012-15397

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for freeradius FEDORA-2012-15743

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : freeradius-2.2.0-0.fc16 (2012-15743)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from the...

Medium: freeradius

Issue Overview: A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods such as...

Mandriva Update for freeradius MDVSA-2012:159 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDVSA-2012:159 freeradius Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Mandriva Linux Security Advisory : freeradius (MDVSA-2012:159)

A vulnerability has been found and corrected in freeradius : Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a...

Scientific Linux Security Update : freeradius2 on SL5.x i386/x86_64 (20121002)

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509...

RHEL 6 : freeradius (RHSA-2012:1326)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1326 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized...

CentOS Update for freeradius2 CESA-2012:1327 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 : freeradius2 (CESA-2012:1327)

Updated freeradius2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CentOS 6 : freeradius (CESA-2012:1326)

Updated freeradius packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 5 : freeradius2 (RHSA-2012:1327)

Updated freeradius2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

freeradius security update

2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...

CVE-2012-3547

CVE-2012-3547 affects FreeRADIUS 2.1.10–2.1.12 via a stack-based overflow in the cbtls_verify function when TLS-based EAP methods are used. A long “not after” timestamp in a client certificate can lead to remote server crash (DoS) or possibly arbitrary code execution. Remediation observed in conn...

[SECURITY] [DSA 2546-1] freeradius security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2546-1 [email protected] http://www.debian.org/security/ Nico Golde September 11, 2012 http://www.debian.org/security/faq -...

Security fix for the ALT Linux 6 package freeradius version 2.1.10-alt3.M60P.1

Sept. 14, 2012 Vladimir Lettiev 2.1.10-alt3.M60P.1 - Security fix: CVE-2012-3547 - Fixed permissions for /etc/raddb/modules, /etc/raddb/sql/mysql, /etc/raddb/sql/postgresql dirs 640 - 750...

[SECURITY] [DSA 2546-1] freeradius security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2546-1 [email protected] http://www.debian.org/security/ Nico Golde September 11, 2012 http://www.debian.org/security/faq -...