|
Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2003:030: radiusd-cistron Vulnerability Scan
Vulnerability Scan Summary Check for the version of the radiusd-cistron package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2003:030 (radiusd-cistron).
The package radiusd-cistron is an implementation of the RADIUS protocol.
Unfortunately the RADIUS server handles too large NAS numbers not
correctly. This leads to overwriting internal memory of the server
process and may be abused to gain remote access to the system the RADIUS
server is running on.
There is no temporary workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
the update.
Solution : http://www.suse.de/security/2003_030_radiusd_cistron.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|