10 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-4680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. CVE-2015-4680 Note that Nessus relies o...
RHEL 6 : freeradius (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - freeradius: insufficent CRL application CVE-2015-4680 Note that Nessus has not tested for this issue but has instea...
SUSE: Security Advisory (SUSE-SU-2017:0102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-977-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : freeradius-server (SUSE-SU-2017:1777-1)
This update for freeradius-server fixes the following issues : - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass. bnc1041445 - CVE-2015-4680: Add a configuration option to allow checking of all intermediate certificates for revocations. bnc935573 The...
CVE-2015-4680
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates...
CVE-2015-4680
FreeRADIUS is affected by CVE-2015-4680. Versions 2.2.x prior to 2.2.8 and 3.0.x prior to 3.0.9 do not properly check revocation of intermediate CA certificates, potentially allowing certificates issued by revoked intermediate authorities to be trusted. The vulnerability’s impact is reflected as ...
SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:0102-1)
This update of freeradius-server fixes several issues. Security issue fixed : - CVE-2015-4680: Fixed Insufficent CRL application for intermediate certificates bsc935573 Non security issues fixed : - Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems by relaxing a too...
SUSE-SU-2017:0102-1 Security update for freeradius-server
This update of freeradius-server fixes several issues. Security issue fixed: - CVE-2015-4680: Fixed Insufficent CRL application for intermediate certificates bsc935573 Non security issues fixed: - Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems by relaxing a too...
[oCERT-2015-008] FreeRADIUS insufficent CRL application
2015-008 FreeRADIUS insufficent CRL application Description: The FreeRADIUS server is an open source project that provides a RADIUS implementation. The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List CRL checks. The FreeRADIUS usage of...