Page 3 of 14 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. Un problema FR-GV-205 en FreeRADIUS versión 2.x anterior a 2.2.10, permite una "DHCP - Buffer over-read in fr_dhcp_decode_options()" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request. • http://freeradius.org/security/fuzzer-2017.html http://www.debian.org/security/2017/dsa-3930 http://www.securityfocus.com/bid/99912 http://www.securitytracker.com/id/1038914 https://access.redhat.com/errata/RHSA-2017:1759 https://access.redhat.com/security/cve/CVE-2017-10982 https://bugzilla.redhat.com/show_bug.cgi?id=1468498 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service. Un problema FR-GV-204 en FreeRADIUS versión 2.x anterior a 2.2.10, permite una "DHCP - Memory leak in fr_dhcp_decode()" y una denegación de servicio. A memory leak flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to cause the FreeRADIUS server to consume an increasing amount of memory resources over time, possibly leading to a crash due to memory exhaustion, by sending specially crafted DHCP packets. • http://freeradius.org/security/fuzzer-2017.html http://www.debian.org/security/2017/dsa-3930 http://www.securityfocus.com/bid/99898 http://www.securitytracker.com/id/1038914 https://access.redhat.com/errata/RHSA-2017:1759 https://access.redhat.com/security/cve/CVE-2017-10981 https://bugzilla.redhat.com/show_bug.cgi?id=1468495 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 1

Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash. Desbordamiento de buffer basado en pila en la función normify en el módulo rlm_pap (modules/rlm_pap/rlm_pap.c) en FreeRADIUS 2.x, posiblemente 2.2.3 y anteriores, y 3.x, posiblemente 3.0.1 y anteriores, podría permitir a atacantes causar una denagción de servicio (caída) y posiblemente ejecutar código arbitrario a través de un hash de contraseña largo, tal y como fue demostrado por un hash SSHA. A stack-based buffer overflow was found in the way the FreeRADIUS rlm_pap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. • http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html http://rhn.redhat.com/errata/RHSA-2015-1287.html http://ubuntu.com/usn/usn-2122-1 http://www.openwall.com/lists/oss-security/2014/02/18/3 http://www.securityfocus.com/bid/65581 https://bugzilla.redhat.com/show_bug.cgi?id=1066761 https://acce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 6.0EPSS: 0%CPEs: 50EXPL: 0

modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password. modules/rlm_unix/rlm_unix.c en FreeRADIUS anterior a v2.2.0, cuando el modo unix está activado para la autenticación de usuarios, no valida adecuadamente la expiración de la contraseña en /etc/shadow, lo que permite a usuarios autenticados remotamente validarse mediante una contraseña caducada. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html http://rhn.redhat.com/errata/RHBA-2012-0881.html http://rhn.redhat.com/errata/RHSA-2013-0134.html https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605 https://access.redhat.com/security/cve/CVE-2011-4966 https://bugzilla.redhat.com/show_bug.cgi?id=879045 • CWE-255: Credentials Management Errors •