CVE-2011-4966

Related Files

Ubuntu Security Notice USN-2122-1

Posted Feb 26, 2014

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2122-1 - It was discovered that FreeRADIUS incorrectly handled unix authentication. A remote user could successfully authenticate with an expired password. Pierre Carrier discovered that FreeRADIUS incorrectly handled rlm_pap hash processing. An authenticated user could use this issue to cause FreeRADIUS to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary

systems | linux, unix, ubuntu

advisories | CVE-2011-4966, CVE-2014-2015, CVE-2011-4966, CVE-2014-2015

SHA-256 | 0a995469005a5d9cd6cf4dd533400746453f53f7672a93339e2f298e285126ef

Download | Favorite | View

Mandriva Linux Security Advisory 2013-038

Posted Apr 5, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-038 - It was found that the unix module ignored the password expiration setting in /etc/shadow. If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully authenticate, even though their access should have been denied. Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long not after timestamp in a client certificate.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, unix, mandriva

advisories | CVE-2011-4966, CVE-2012-3547

SHA-256 | 97a87842f4bb36244f5f2a4fc25aafa1b286a4047adb05026796f134d2d0bc56

Download | Favorite | View

Red Hat Security Advisory 2013-0134-01

Posted Jan 8, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0134-01 - FreeRADIUS is an open-source Remote Authentication Dial-In User Service server which allows RADIUS clients to perform authentication against the RADIUS server. The RADIUS server may optionally perform accounting of its operations using the RADIUS protocol. It was found that the "unix" module ignored the password expiration setting in "/etc/shadow". If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully authenticate, even though their access should have been denied.

tags | advisory, remote, protocol

systems | linux, redhat, unix

advisories | CVE-2011-4966

SHA-256 | 848f46811c7a202e3e0412d05ff40ab5c11f542e1a5cd15f8051c970c8c42ff8

Download | Favorite | View