CVE-2005-4744
CVSS6.4
发布时间 :2005-12-31 00:00:00
修订时间 :2010-08-21 00:36:59
NMCOPS    

[原文]Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.


[CNNVD]FreeRADIUS多个远程安全漏洞(CNNVD-200512-715)

        FreeRADIUS是来自开放源码社区的一种强大的Linux上的RADIUS服务器,可用于分布式和异构计算环境。
        FreeRADIUS中存在多个远程漏洞。
        内存处理漏洞可能允许远程攻击者导致受影响服务崩溃,或执行任意代码。
        FreeRADIUS还受文件描述符泄漏影响,攻击者可以利用这个漏洞访问通常不可访问的文件。
        LDAP模块中存在漏洞,可能导致未经正确的输入过滤便将用户制定的数据传送给配置的LDAP数据库。
        <*链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
        *>

- CVSS (基础分值)

CVSS分值: 6.4 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:freeradius:freeradius:1.0.3FreeRADIUS 1.0.3
cpe:/a:freeradius:freeradius:1.0.4FreeRADIUS 1.0.4

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10449Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might all...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4744
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4744
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-715
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/22211
(PATCH)  XF  freeradius-token-sqlunixodbc-dos(22211)
http://www.securityfocus.com/bid/14775
(PATCH)  BID  14775
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
(UNKNOWN)  MISC  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
http://www.freeradius.org/security/20050909-vendor-sec.txt
(UNKNOWN)  MISC  http://www.freeradius.org/security/20050909-vendor-sec.txt
http://www.freeradius.org/security/20050909-response-to-suse.txt
(UNKNOWN)  CONFIRM  http://www.freeradius.org/security/20050909-response-to-suse.txt
http://secunia.com/advisories/16712
(VENDOR_ADVISORY)  SECUNIA  16712
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066
(UNKNOWN)  MANDRIVA  MDKSA-2006:066
http://www.debian.org/security/2006/dsa-1089
(UNKNOWN)  DEBIAN  DSA-1089
http://secunia.com/advisories/20461
(UNKNOWN)  SECUNIA  20461
http://secunia.com/advisories/19811
(UNKNOWN)  SECUNIA  19811
http://secunia.com/advisories/19518
(UNKNOWN)  SECUNIA  19518
http://secunia.com/advisories/19497
(UNKNOWN)  SECUNIA  19497
http://rhn.redhat.com/errata/RHSA-2006-0271.html
(UNKNOWN)  REDHAT  RHSA-2006:0271
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
(UNKNOWN)  SGI  20060404-01-U

- 漏洞信息

FreeRADIUS多个远程安全漏洞
中危 设计错误
2005-12-31 00:00:00 2006-04-07 00:00:00
远程  
        FreeRADIUS是来自开放源码社区的一种强大的Linux上的RADIUS服务器,可用于分布式和异构计算环境。
        FreeRADIUS中存在多个远程漏洞。
        内存处理漏洞可能允许远程攻击者导致受影响服务崩溃,或执行任意代码。
        FreeRADIUS还受文件描述符泄漏影响,攻击者可以利用这个漏洞访问通常不可访问的文件。
        LDAP模块中存在漏洞,可能导致未经正确的输入过滤便将用户制定的数据传送给配置的LDAP数据库。
        <*链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
        *>

- 公告与补丁

        

- 漏洞信息 (F47023)

Debian Linux Security Advisory 1089-1 (PacketStormID:F47023)
2006-06-05 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2005-4744,CVE-2006-1354
[点击下载]

Debian Security Advisory 1089-1 - Several problems have been discovered in freeradius, a high-performance and highly configurable RADIUS server.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1089-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
June 3rd, 2006                          http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : freeradius
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2005-4744 CVE-2006-1354
BugTraq IDs    : 17171 17293
Debian Bug     : 359042

Several problems have been discovered in freeradius, a
high-performance and highly configurable RADIUS server.  The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2005-4744

    SuSE researchers have discovered several off-by-one errors may
    allow remote attackers to cause a denial of service and possibly
    execute arbitrary code.

CVE-2006-1354

    Due to insufficient input validation it is possible for a remote
    attacker to bypass authentication or cause a denial of service.

The old stable distribution (woody) does not contain this package.

For the stable distribution (sarge) this problem has been fixed in
version 1.0.2-4sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 1.1.0-1.2.

We recommend that you upgrade your freeradius package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1.dsc
      Size/MD5 checksum:      897 56748d8bbc17aa4e7393b990eb74b3eb
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1.diff.gz
      Size/MD5 checksum:    15630 20c245bcb697ed963fa5599fd64412fd
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2.orig.tar.gz
      Size/MD5 checksum:  1931715 422a004f2354b2a7364f5b683891a26a

  Architecture independent components:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-dialupadmin_1.0.2-4sarge1_all.deb
      Size/MD5 checksum:   111708 ad56d19ec032f33dc7c80816176fdb33

  Alpha architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_alpha.deb
      Size/MD5 checksum:  2234836 a9bfbf394a28e96c3a548f4c9cc6daf1
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_alpha.deb
      Size/MD5 checksum:    54158 01356bafaa902def24608e4ff0f5234f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_alpha.deb
      Size/MD5 checksum:    54986 bee15f15d005285f827766f996c60ce4
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_alpha.deb
      Size/MD5 checksum:   107460 56d7d0ee92185d08baac041d5997849f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_alpha.deb
      Size/MD5 checksum:    55930 f9b5543a03e90b5dff4657eb74c17e1d

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_amd64.deb
      Size/MD5 checksum:  1961200 87bf5381e4746425397e6315811aa202
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_amd64.deb
      Size/MD5 checksum:    53024 c61df3f04a0f4022edf411bd98416ba6
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_amd64.deb
      Size/MD5 checksum:    53786 e21e4a4f2073dd8ed6eb123432b45360
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_amd64.deb
      Size/MD5 checksum:    99594 5090d67f5a4da97b097656608a570ba6
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_amd64.deb
      Size/MD5 checksum:    54750 0431a87e678e805a6ef551dd8e5307aa

  ARM architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_arm.deb
      Size/MD5 checksum:  2034200 a78f3ddf85f1e71c32e9b86bbbbe8e85
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_arm.deb
      Size/MD5 checksum:    51194 7238cf725afbcaf03efab289cc6bd11b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_arm.deb
      Size/MD5 checksum:    52600 9f16d186efe2c9ee581516d9263acd33
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_arm.deb
      Size/MD5 checksum:    96374 0e057ed9a937bcf2e6a0604434510bb4
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_arm.deb
      Size/MD5 checksum:    53186 4c11d61d72cdfba0ba4282f49955d727

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_i386.deb
      Size/MD5 checksum:  2028508 9be926753b1314b3e7453bcb36773c03
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_i386.deb
      Size/MD5 checksum:    51446 953e5b759545a6238bdccb91260e6f25
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_i386.deb
      Size/MD5 checksum:    52560 79302631d1252b0c5916f2c3659f0eb9
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_i386.deb
      Size/MD5 checksum:    97512 4bbd2b53a66a237ce910fcf147302637
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_i386.deb
      Size/MD5 checksum:    53282 2e067204ac8293570a8a177763afdcc3

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_ia64.deb
      Size/MD5 checksum:  2375466 943bd9e40c1ffab804b453d8d6acc7f4
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_ia64.deb
      Size/MD5 checksum:    53962 0cb36b4572da7058d92fe910d492c95f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_ia64.deb
      Size/MD5 checksum:    55154 f075e38a76ab13c658f7131721f4489b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_ia64.deb
      Size/MD5 checksum:   112832 a64d3649091a27afe04ca6cb4136f668
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_ia64.deb
      Size/MD5 checksum:    56028 99aa443bc1fd14e50e50a507aeec0100

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_hppa.deb
      Size/MD5 checksum:  2039272 d016b1a80144623a6e6ee3adabad8ae8
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_hppa.deb
      Size/MD5 checksum:    54602 ee33f588d756dd6196f79b1447f0aa8f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_hppa.deb
      Size/MD5 checksum:    56014 bb6ab35f1ad31b57a7bd19d071812693
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_hppa.deb
      Size/MD5 checksum:   105438 7bd780bb55549c009ba25c59f07306a7
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_hppa.deb
      Size/MD5 checksum:    56354 1cdfaf9766a45583c41573f53dc1947e

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_m68k.deb
      Size/MD5 checksum:  2017716 7e004414928552bd42e6824f45b09608
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_m68k.deb
      Size/MD5 checksum:    52950 eb95df0d1973deff8557f8ef21af5789
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_m68k.deb
      Size/MD5 checksum:    53954 531a9c1328415fedd7d258af62c822e6
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_m68k.deb
      Size/MD5 checksum:    95190 adbb0a86dcfad99fb7d6ab2d327157cc
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_m68k.deb
      Size/MD5 checksum:    54802 7b908b24521cb21174a13617434b376c

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_mips.deb
      Size/MD5 checksum:  2135574 4eb5a131e58807a2928130a1260a2dad
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_mips.deb
      Size/MD5 checksum:    53200 b5dd30dd319f8154ef914f773a0c1448
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_mips.deb
      Size/MD5 checksum:    53668 d7e9aad513740e93a52db17e902e5747
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_mips.deb
      Size/MD5 checksum:    97996 8bb100ed36fc455f73b667ec4bb4da7e
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_mips.deb
      Size/MD5 checksum:    55140 f6cdf24be5e60b91e61dce6280a02192

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_mipsel.deb
      Size/MD5 checksum:  2102240 86ab8809a4bef9538ea4c7693492ca3f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_mipsel.deb
      Size/MD5 checksum:    52062 281530578f22e92c57ff60374000b0f3
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_mipsel.deb
      Size/MD5 checksum:    52400 df97212268ea91baad3ca2dfdc4c7fce
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_mipsel.deb
      Size/MD5 checksum:    96492 3d63745a6aaf6bbf32a9cb48582acdd7
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_mipsel.deb
      Size/MD5 checksum:    53936 9ded19b30c574fa280e54f246cf80749

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_powerpc.deb
      Size/MD5 checksum:  2330602 3362429b3da2311b68d86ebfc07544ee
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_powerpc.deb
      Size/MD5 checksum:    58844 69224d3064f8a9b2f632c3a0035d61ca
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_powerpc.deb
      Size/MD5 checksum:    60056 ba48d26580793fe3963306e9408982c7
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_powerpc.deb
      Size/MD5 checksum:   108876 9ee35d9bba2ed802d84274b458f861be
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_powerpc.deb
      Size/MD5 checksum:    61222 cf3addbb9c8ff12ea10eea6f6dc8ea7d

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_s390.deb
      Size/MD5 checksum:  2581854 d4ec31ca6d5a56a0276321aa6cd666e1
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_s390.deb
      Size/MD5 checksum:    65650 d568c8c65934c39f20a0a06424d06cb7
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_s390.deb
      Size/MD5 checksum:    66414 5c5883970226a543b1d4186676e56733
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_s390.deb
      Size/MD5 checksum:   122758 e5394b982f52d76fe7e06aa1b894724b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_s390.deb
      Size/MD5 checksum:    68072 cdac845ff69647c86434cb0dca112b09

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge1_sparc.deb
      Size/MD5 checksum:  2080708 0ecadd00e7bd093d9c8a5684c066b62e
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge1_sparc.deb
      Size/MD5 checksum:    52898 b0f8020da1f2ab6d29cbd587361f6831
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge1_sparc.deb
      Size/MD5 checksum:    54004 98076e96d39bf98c15a220f2f1e13317
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge1_sparc.deb
      Size/MD5 checksum:    98894 550cc64d2b5c0b6a4af33d669df6abc0
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge1_sparc.deb
      Size/MD5 checksum:    54868 b18f2bfe5e3bd063a243f94d4060ab52


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEgYA3W5ql+IAeqTIRAoChAJ9/o1cQzUoH/g8jbz06bshVLALBPQCgpaKN
G5KM7VmMaWvWGV017LYiZ/U=
=PWEw
-----END PGP SIGNATURE-----

    

- 漏洞信息

19317
FreeRADIUS exec.c radius_exec_program() Function Overflow DoS
Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-09-08 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

FreeRADIUS Multiple Remote Vulnerabilities
Design Error 14775
Yes No
2005-09-08 12:00:00 2006-12-07 03:44:00
The discoverer of these issues is currently unknown. The vendor disclosed these issues.

- 受影响的程序版本

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 7
+ Linux kernel 2.4.19
SGI ProPack 3.0 SP5
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SuSE eMail Server III
S.u.S.E. SuSE eMail Server 3.1
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Professional 7.3
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Office Server
S.u.S.E. Linux IMAP Server 1.0
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Database Server 0
S.u.S.E. Linux Connectivity Server
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
S.u.S.E. Linux 7.3 sparc
S.u.S.E. Linux 7.3 ppc
S.u.S.E. Linux 7.3 i386
S.u.S.E. Linux 7.3
S.u.S.E. Linux 7.2 i386
S.u.S.E. Linux 7.2
S.u.S.E. Linux 7.1 x86
S.u.S.E. Linux 7.1 sparc
S.u.S.E. Linux 7.1 ppc
S.u.S.E. Linux 7.1 alpha
S.u.S.E. Linux 7.1
S.u.S.E. Linux 7.0 sparc
S.u.S.E. Linux 7.0 ppc
S.u.S.E. Linux 7.0 i386
S.u.S.E. Linux 7.0 alpha
S.u.S.E. Linux 7.0
S.u.S.E. Linux 6.4 ppc
S.u.S.E. Linux 6.4 i386
S.u.S.E. Linux 6.4 alpha
S.u.S.E. Linux 6.4
S.u.S.E. Linux 6.3 ppc
S.u.S.E. Linux 6.3 alpha
S.u.S.E. Linux 6.3
S.u.S.E. Linux 6.2
S.u.S.E. Linux 6.1 alpha
S.u.S.E. Linux 6.1
S.u.S.E. Linux 6.0
S.u.S.E. Linux 5.3
S.u.S.E. Linux 5.2
S.u.S.E. Linux 5.1
S.u.S.E. Linux 5.0
S.u.S.E. Linux 4.4.1
S.u.S.E. Linux 4.4
S.u.S.E. Linux 4.3
S.u.S.E. Linux 4.2
S.u.S.E. Linux 4.0
S.u.S.E. Linux 3.0
S.u.S.E. Linux 2.0
S.u.S.E. Linux 1.0
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
Red Hat Fedora Core3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
FreeRADIUS FreeRADIUS 1.0.4
FreeRADIUS FreeRADIUS 1.0.2
+ Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
FreeRADIUS FreeRADIUS 1.0.5
FreeRADIUS FreeRADIUS 1.0.3

- 不受影响的程序版本

FreeRADIUS FreeRADIUS 1.0.5
FreeRADIUS FreeRADIUS 1.0.3

- 漏洞讨论

FreeRADIUS is susceptible to multiple remote vulnerabilities:

- Memory-handling vulnerabilities. These issues may allow remote attackers to crash affected services or possibly execute arbitrary machine code in the context of the vulnerable application.

- File descriptor leak. Attackers may exploit this to gain access to files that they may not normally have access to.

- The LDAP module contains a flaw whereby attacker-specified data may be passed on to the configured LDAP database without proper input sanitization.

These issues are all reported to affect version 1.0.4 of FreeRADIUS; previous versions are also likely vulnerable to one or more of these issues.

**Update: The vendor has posted a response to these issues. Please see "Response to Suse Audit Report on FreeRADIUS" for further details.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

The vendor has released version 1.0.5 of FreeRADIUS to address these issues.

Please see the references for more information and vendor advisories.


FreeRADIUS FreeRADIUS 1.0.2

FreeRADIUS FreeRADIUS 1.0.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站