CVE-2015-8764
https://notcve.org/view.php?id=CVE-2015-8764
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow. Error por un paso en el módulo EAP-PWD en FreeRADIUS 3.0 hasta la versión 3.0.8, lo que desencadena un desbordamiento de búfer. • http://freeradius.org/security.html#eap-pwd-2015 http://www.openwall.com/lists/oss-security/2016/01/08/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-8762
https://notcve.org/view.php?id=CVE-2015-8762
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet. El módulo EAP-PWD en FreeRADIUS 3.0 hasta la versión 3.0.8 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída del servidor) a través de un paquete EAP-PWD de longitud cero. • http://freeradius.org/security.html#eap-pwd-2015 http://www.openwall.com/lists/oss-security/2016/01/08/7 • CWE-476: NULL Pointer Dereference •
CVE-2015-4680
https://notcve.org/view.php?id=CVE-2015-4680
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. FreeRADIUS 2.2.x en versiones anteriores a 2.2.8 y 3.0.x en versiones anteriores a 3.0.9 no comprueba adecuadamente la revocación de certificados CA intermedios. • http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html http://www.ocert.org/advisories/ocert-2015-008.html http://www.securityfocus.com/archive/1/535810/100/0/threaded http://www.securityfocus.com/bid/75327 http://www.securitytracker.com/id/1032690 https://bugzilla.redhat.com/show_bug.cgi?id=1234975 • CWE-295: Improper Certificate Validation •
CVE-2014-2015 – freeradius: stack-based buffer overflow flaw in rlm_pap module
https://notcve.org/view.php?id=CVE-2014-2015
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash. Desbordamiento de buffer basado en pila en la función normify en el módulo rlm_pap (modules/rlm_pap/rlm_pap.c) en FreeRADIUS 2.x, posiblemente 2.2.3 y anteriores, y 3.x, posiblemente 3.0.1 y anteriores, podría permitir a atacantes causar una denagción de servicio (caída) y posiblemente ejecutar código arbitrario a través de un hash de contraseña largo, tal y como fue demostrado por un hash SSHA. A stack-based buffer overflow was found in the way the FreeRADIUS rlm_pap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. • http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html http://rhn.redhat.com/errata/RHSA-2015-1287.html http://ubuntu.com/usn/usn-2122-1 http://www.openwall.com/lists/oss-security/2014/02/18/3 http://www.securityfocus.com/bid/65581 https://bugzilla.redhat.com/show_bug.cgi?id=1066761 https://acce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •