28 matches found
Ubuntu: Security Advisory (USN-5785-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5785-1: FreeRADIUS vulnerabilities
It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2019-17185 Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unkno...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : FreeRADIUS vulnerabilities (USN-5785-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5785-1 advisory. It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use thi...
SUSE: Security Advisory (SUSE-SU-2020:2391-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1018-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1023-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1020-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : freeradius Multiple Vulnerabilities (NS-SA-2021-0037)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freeradius packages installed that are affected by multiple vulnerabilities: - In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BNCTX instance to handle all handshakes. This mean multiple threads...
Oracle Linux 8 : freeradius:3.0 (ELSA-2020-4799)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4799 advisory. 3.0.20-3 - Require make for proper bootstrap execution, removes post script Resolves: bz1672285 3.0.20-2 - Fix breakage caused by OpenSSL FIPS regression Relate...
Moderate: Red Hat Security Advisory: freeradius:3.0 security and bug fix update
An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : freeradius:3.0 (RHSA-2020:4799)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4799 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized...
RLSA-2020:4799 Moderate: freeradius:3.0 security and bug fix update
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: eap-pwd: DoS issues due to multithreaded BNCTX access CVE-2019-17185 Fo...
Scientific Linux Security Update : freeradius on SL7.x x86_64 (20201001)
Security Fixes : - freeradius: privilege escalation due to insecure logrotate configuration CVE-2019-10143 - freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations CVE-2019-13456 - freeradius: eap-pwd: DoS issues due to multithreaded BNCTX access CVE-2019-17185...
freeradius security update
CentOS Errata and Security Advisory CESA-2020:3984 An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
CentOS 7 : freeradius (RHSA-2020:3984)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3984 advisory. - It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has...
Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2020-2133)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : freeradius (EulerOS-SA-2020-2133)
According to the versions of the freeradius package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BNCTX instance to handle all handshakes. This mean multiple threa...
SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2020:2391-1)
This update for freeradius-server fixes the following issues : CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd bsc1144524. CVE-2019-17185: Fixed a debial of service due to multithreaded BNCTX access bsc1166847. Note that Tenable Network Security has extracted the preceding descripti...
SUSE-SU-2020:2391-1 Security update for freeradius-server
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd bsc1144524. - CVE-2019-17185: Fixed a debial of service due to multithreaded BNCTX access bsc1166847...
Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2020-1847)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...