Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2004-609: freeradius Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the freeradius packages

Detailed Explanation for this Vulnerability Test

Updated freeradius packages that fix a number of denial of service
vulnerabilities as well as minor bugs are now available for Red Hat
Enterprise Linux 3.

FreeRADIUS is a high-performance and highly configurable free RADIUS server
designed to allow centralized authentication and authorization for a

A number of flaws were found in FreeRADIUS versions prior to 1.0.1. An
attacker who is able to send packets to the server could construct
carefully constructed packets in such a way as to cause the server to
consume memory or crash. The Common Vulnerabilities and Exposures project
( has assigned the names CVE-2004-0938, CVE-2004-0960, and
CVE-2004-0961 to these issues.

Users of FreeRADIUS should update to these erratum packages that contain
FreeRADIUS 1.0.1, which is not vulnerable to these issues and also corrects
a number of bugs.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.