6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.5%
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is
enabled for user authentication, does not properly check the password
expiration in /etc/shadow, which allows remote authenticated users to
authenticate using an expired password.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | freeradius | < 2.1.8+dfsg-1ubuntu1.1 | UNKNOWN |
ubuntu | 12.04 | noarch | freeradius | < 2.1.10+dfsg-3ubuntu0.12.04.2 | UNKNOWN |
ubuntu | 12.10 | noarch | freeradius | < 2.1.12+dfsg-1.1ubuntu0.1 | UNKNOWN |