Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3369-1
HistoryJul 27, 2017 - 12:00 a.m.

FreeRADIUS vulnerabilities

2017-07-2700:00:00
ubuntu.com
30

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.771 High

EPSS

Percentile

98.2%

JSON

Releases

  • Ubuntu 17.04
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • freeradius - high-performance and highly configurable RADIUS server

Details

Guido Vranken discovered that FreeRADIUS incorrectly handled memory when
decoding packets. A remote attacker could use this issue to cause
FreeRADIUS to crash or hang, resulting in a denial of service, or possibly
execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
Ubuntu17.04noarchfreeradius< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-common< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-config< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-dbgsym< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-dhcp< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-dhcp-dbgsym< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-iodbc< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-iodbc-dbgsym< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-krb5< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Ubuntu17.04noarchfreeradius-krb5-dbgsym< 3.0.12+dfsg-4ubuntu1.2UNKNOWN
Rows per page:
1-10 of 681

Related

nessus 24
openvas 16
debian 3
mageia 1
centos 2
redhat 2
osv 12
amazon 1
oraclelinux 2
archlinux 1
fedora 2
suse 2
apple 2
veracode 6
ubuntucve 10
prion 10
debiancve 10
cve 10
redhatcve 10
checkpoint_advisories 2
nessus
nessus
Debian DSA-3930-1 : freeradius - security update
2017-08-11 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : FreeRADIUS vulnerabilities (USN-3369-1)
2017-07-28 00:00:00
Fedora 26 : freeradius (2017-0d726dbed3)
2017-07-28 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3930-1)
2017-08-09 00:00:00
Ubuntu: Security Advisory (USN-3369-1)
2017-07-28 00:00:00
Mageia: Security Advisory (MGASA-2017-0232)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 3930-1] freeradius security update
2017-08-10 14:48:43
[SECURITY] [DSA 3930-1] freeradius security update
2017-08-10 14:48:43
[SECURITY] [DLA 1064-1] freeradius security update
2017-08-25 17:46:20
mageia
mageia
Updated freeradius packages fix security vulnerabilities
2017-07-30 18:58:51
centos
centos
freeradius security update
2017-08-24 09:43:49
freeradius security update
2017-07-19 14:29:47
redhat
redhat
(RHSA-2017:2389) Important: freeradius security update
2017-08-01 14:36:42
(RHSA-2017:1759) Important: freeradius security update
2017-07-18 02:27:56
osv
osv
freeradius - security update
2017-08-25 00:00:00
freeradius - security update
2017-08-10 00:00:00
CVE-2017-10980
2017-07-17 17:29:00
amazon
amazon
Important: freeradius
2017-08-03 19:11:00
oraclelinux
oraclelinux
freeradius security update
2017-07-18 00:00:00
freeradius security update
2017-08-09 00:00:00
archlinux
archlinux
[ASA-201707-23] freeradius: multiple issues
2017-07-18 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: freeradius-3.0.15-1.fc26
2017-07-27 16:54:18
[SECURITY] Fedora 25 Update: freeradius-3.0.15-1.fc25
2017-07-27 21:54:09
suse
suse
Security update for freeradius-server (important)
2017-08-17 12:15:26
Security update for freeradius-server (important)
2017-08-28 15:07:53
apple
apple
About the security content of macOS Server 5.4 - Apple Support
2017-10-31 05:52:44
About the security content of macOS Server 5.4
2017-09-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:30:37
Denial Of Service (DoS)
2019-05-02 06:30:37
Denial Of Service (DoS)
2019-05-02 06:30:37
ubuntucve
ubuntucve
CVE-2017-10987
2017-07-17 00:00:00
CVE-2017-10980
2017-07-17 00:00:00
CVE-2017-10984
2017-07-17 00:00:00
prion
prion
Design/Logic Flaw
2017-07-17 17:29:00
Memory corruption
2017-07-17 17:29:00
Buffer overflow
2017-07-17 17:29:00
debiancve
debiancve
CVE-2017-10980
2017-07-17 17:29:00
CVE-2017-10984
2017-07-17 17:29:00
CVE-2017-10985
2017-07-17 17:29:00
cve
cve
CVE-2017-10984
2017-07-17 17:29:00
CVE-2017-10979
2017-07-17 17:29:00
CVE-2017-10985
2017-07-17 17:29:00
redhatcve
redhatcve
CVE-2017-10979
2017-07-17 14:51:26
CVE-2017-10983
2019-10-11 16:53:58
CVE-2017-10984
2017-07-17 14:50:32
checkpoint_advisories
checkpoint_advisories
FreeRADIUS data2vp_wimax Heap Buffer Overflow (CVE-2017-10984)
2017-07-30 00:00:00
FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out of Bounds Read (CVE-2017-10986)
2018-04-26 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.771 High

EPSS

Percentile

98.2%

JSON
Related for USN-3369-1
nessus24openvas16debian3mageia1centos2redhat2osv12amazon1oraclelinux2archlinux1fedora2suse2apple2veracode6ubuntucve10prion10debiancve10cve10redhatcve10checkpoint_advisories2