Download
| Alert*
oval:org.secpod.oval:def:89000371
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ... oval:org.secpod.oval:def:117549 The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now h ... oval:org.secpod.oval:def:89000049 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . oval:org.secpod.oval:def:117548 The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now h ... oval:org.secpod.oval:def:89000686 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ... oval:org.secpod.oval:def:89000602 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . oval:org.secpod.oval:def:205663 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: privilege escalation due to insecure logrotate configuration * freeradius: eap- ... oval:org.secpod.oval:def:504319 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: privilege escalation due to insecure logrotate configuration * freeradius: eap- ... oval:org.secpod.oval:def:1700458 It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. An infor ... oval:org.secpod.oval:def:1504316 [3.0.13-15] - Fixes EAP-PWD: DoS issues due to multithreaded BN_CTX access Resolves: bz#1818808 [3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz#1630684 [3.0.13-13] - Fixes logging of cleartext pap password Resolves: bz#1677435 [3.0.13-12] - Fixes paircompare with attr ... oval:org.secpod.oval:def:1505304 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69499 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations ... oval:org.secpod.oval:def:66784 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations ... |