Red Hat Security Advisory 2013-0134-01 - FreeRADIUS is an open-source Remote Authentication Dial-In User Service server which allows RADIUS clients to perform authentication against the RADIUS server. The RADIUS server may optionally perform accounting of its operations using the RADIUS protocol. It was found that the "unix" module ignored the password expiration setting in "/etc/shadow". If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully authenticate, even though their access should have been denied.
848f46811c7a202e3e0412d05ff40ab5c11f542e1a5cd15f8051c970c8c42ff8