Lucene search
Ubuntu.comUB:CVE-2015-4680HistoryApr 05, 2017 - 12:00 a.m.
CVE-2015-4680
2017-04-0500:00:00
ubuntu.com
ubuntu.com
8
0.004 Low
EPSS
Percentile
73.8%
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly
check revocation of intermediate CA certificates.
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | Upstream states that the recommended configuration is not affected. Only configurations using certs from a public CA are affected and upstream says that such configurations are not recommended. |
| mdeslaur | we will not be fixing this issue in Ubuntu 14.04 LTS. Users are advised to follow upstream recommendations or to update to a later Ubuntu release. |
Related
securityvulns
securityvulns
FreeRADIUS
2015-06-29 00:00:00
[oCERT-2015-008] FreeRADIUS insufficent CRL application
2015-06-29 00:00:00
nessus
nessus
FreeBSD : freeradius -- insufficient CRL application vulnerability (379788f3-2900-11e5-a4a5-002590263bf5)
2015-07-14 00:00:00
SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:0102-1)
2017-01-11 00:00:00
SUSE SLES11 Security Update : freeradius-server (SUSE-SU-2017:1777-1)
2017-07-05 00:00:00
mageia
mageia
Updated freeradius package fixes security vulnerability
2015-07-29 00:01:59
prion
prion
Design/Logic Flaw
2017-04-05 17:59:00
suse
suse
Security update for freeradius-server (important)
2017-01-10 19:09:23
freebsd
freebsd
freeradius -- insufficient CRL application vulnerability
2015-06-22 00:00:00
cvelist
cvelist
CVE-2015-4680
2017-04-05 17:00:00
archlinux
archlinux
freeradius: insufficient CRL validation
2015-08-14 00:00:00
debiancve
debiancve
CVE-2015-4680
2017-04-05 17:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0102-1)
2021-04-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0291)
2015-10-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1777-1)
2021-06-09 00:00:00
cve
cve
CVE-2015-4680
2017-04-05 17:59:00
osv
osv
freeradius - security update
2017-06-05 00:00:00
debian
debian
[SECURITY] [DLA 977-1] freeradius security update
2017-06-05 16:33:27