Family: Debian Local Security Checks --> Category: infos
[DSA1089] DSA-1089-1 freeradius Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Several problems have been discovered in freeradius, a
high-performance and highly configurable RADIUS server. The Common
Vulnerabilities and Exposures project identifies the following
SuSE researchers have discovered several off-by-one errors may
allow remote attackers to cause a denial of service and possibly
execute arbitrary code.
Due to insufficient input validation it is possible for a remote
attacker to bypass authentication or cause a denial of service.
The old stable distribution (woody) does not contain this package.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your freeradius package.
Solution : http://www.debian.org/security/2006/dsa-1089
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.