Page 3 of 19 results (0.045 seconds)

CVSS: 9.8EPSS: 77%CPEs: 15EXPL: 0

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code. Un problema FR-GV-301 en FreeRADIUS versión 3.x anterior a 3.0.15, permite un "Write overflow in data2vp_wimax()" - esto permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o posiblemente ejecutar código arbitrario. An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet. • http://freeradius.org/security/fuzzer-2017.html http://www.debian.org/security/2017/dsa-3930 http://www.securityfocus.com/bid/99876 https://access.redhat.com/errata/RHSA-2017:2389 https://access.redhat.com/security/cve/CVE-2017-10984 https://bugzilla.redhat.com/show_bug.cgi?id=1468549 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service. Un problema FR-GV-302 en FreeRADIUS versión 3.x anterior a 3.0.15, permite un "Infinite loop and memory exhaustion with 'concat' attributes" y una denegación de servicio. A denial of service flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to cause the FreeRADIUS server to enter an infinite loop, consume increasing amounts of memory resources, and ultimately crash by sending a specially crafted request packet. • http://freeradius.org/security/fuzzer-2017.html http://www.debian.org/security/2017/dsa-3930 http://www.securityfocus.com/bid/99968 https://access.redhat.com/errata/RHSA-2017:2389 https://access.redhat.com/security/cve/CVE-2017-10985 https://bugzilla.redhat.com/show_bug.cgi?id=1468550 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. Un problema FR-GV-304 en FreeRADIUS versión 3.x anterior a 3.0.15, permite una "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request. • http://freeradius.org/security/fuzzer-2017.html http://www.debian.org/security/2017/dsa-3930 http://www.securityfocus.com/bid/99970 https://access.redhat.com/errata/RHSA-2017:2389 https://access.redhat.com/security/cve/CVE-2017-10987 https://bugzilla.redhat.com/show_bug.cgi?id=1468552 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS. La caché de una sesión TLS en FreeRADIUS versiones 2.1.1 hasta 2.1.7, versiones 3.0.x anteriores a 3.0.14, versiones 3.1.x antes de 04-02-2017, y versiones 4.0.x antes de 04-02-2017, no puede impedir de manera fiable la reanudación de una sesión no autenticada, que permite a los atacantes remotos (como requirentes maliciosos 802.1X) para omitir la autenticación por medio de PEAP o TTLS. An authentication bypass flaw was found in the way the EAP module in FreeRADIUS handled TLS session resumption. A remote unauthenticated attacker could potentially use this flaw to bypass the inner authentication check in FreeRADIUS by resuming an older unauthenticated TLS session. • http://freeradius.org/security.html http://seclists.org/oss-sec/2017/q2/422 http://www.securityfocus.com/bid/98734 http://www.securitytracker.com/id/1038576 https://access.redhat.com/errata/RHSA-2017:1581 https://security.gentoo.org/glsa/201706-27 https://access.redhat.com/security/cve/CVE-2017-9148 https://bugzilla.redhat.com/show_bug.cgi?id=1456697 • CWE-287: Improper Authentication •

CVSS: 8.1EPSS: 0%CPEs: 9EXPL: 0

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read. El módulo EAP-PWD en FreeRADIUS 3.0 hasta la versión 3.0.8 permite a atacantes remotos tener un impacto no especificado a través (1) commit o (2) confirmar mensaje, lo que desencadena una lectura fuera de límites. • http://freeradius.org/security.html#eap-pwd-2015 http://www.openwall.com/lists/oss-security/2016/01/08/7 • CWE-125: Out-of-bounds Read •