|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200409-29] FreeRADIUS: Multiple Denial of Service vulnerabilities Vulnerability Scan
Vulnerability Scan Summary FreeRADIUS: Multiple Denial of Service vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200409-29
(FreeRADIUS: Multiple Denial of Service vulnerabilities)
There are undisclosed defects in the way FreeRADIUS handles incorrect
received packets.
Impact
A remote attacker could send specially-crafted packets to the FreeRADIUS
server to deny service to other users by crashing the server.
Workaround
There is no known workaround at this time.
References:
http://www.freeradius.org/security.html
Solution:
All FreeRADIUS users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-dialup/freeradius-1.0.1"
# emerge ">=net-dialup/freeradius-1.0.1"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|