Mandriva Update for freeradius MDKSA-2007:085 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDKSA-2007:085 freeradius Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CVE-2007-2028

Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service memory consumption via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUEPAIR...

CVE-2007-2028

Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service memory consumption via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUEPAIR...

CVE-2007-2028

The CVE-2007-2028 entry concerns FreeRADIUS up to version 1.1.5 (and earlier) with a memory leak in EAP-TTLS tunnel handling. A remote attacker can send large numbers of authentication requests using malformed Diameter format attributes, causing the server to consume memory and potentially trigge...

freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability

The freeradius development team reports: A malicious 802.1x supplicant could send malformed Diameter format attributes inside of an EAP-TTLS tunnel. The server would reject the authentication request, but would leak one VALUEPAIR data structure, of approximately 300 bytes. If an attacker performe...