Package name
freeradius
Date
2006-03-23
Advisory ID
MDKSA-2006:060
Affected versions
2006.0 i586 , 2006.0 x86_64

Problem description

An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows
remote attackers to bypass authentication or cause a denial of service
(server crash) via "Insufficient input validation" in the EAP-MSCHAPv2
state machine module.

Updated packages have been patched to correct this issue.

Updated packages

2006.0 i586

 f5694e70f14cbd19b83fd27b2486206c  2006.0/RPMS/freeradius-1.0.4-2.1.20060mdk.i586.rpm
 9659a4da82f833ad9f981ea7227868b2  2006.0/RPMS/libfreeradius1-1.0.4-2.1.20060mdk.i586.rpm
 f9a3447563fef1dfb6340999b1d826de  2006.0/RPMS/libfreeradius1-devel-1.0.4-2.1.20060mdk.i586.rpm
 bf2f92256eaa0ce809d792e8e24611a1  2006.0/RPMS/libfreeradius1-krb5-1.0.4-2.1.20060mdk.i586.rpm
 044cc3fbaa56104318ba267cdab184f9  2006.0/RPMS/libfreeradius1-ldap-1.0.4-2.1.20060mdk.i586.rpm
 4b8c8e812804df23e9f6596d905621be  2006.0/RPMS/libfreeradius1-mysql-1.0.4-2.1.20060mdk.i586.rpm
 c2623a903a88573a3b768f2ebe7eacbb  2006.0/RPMS/libfreeradius1-postgresql-1.0.4-2.1.20060mdk.i586.rpm
 28c6de397354d35ee9df21d8e191ebbe  2006.0/RPMS/libfreeradius1-unixODBC-1.0.4-2.1.20060mdk.i586.rpm
 085c52e42b5cc7fc22837abd0f9c5139  2006.0/SRPMS/freeradius-1.0.4-2.1.20060mdk.src.rpm

2006.0 x86_64

 bfce7c3070118389bfb438cf21172339  x86_64/2006.0/RPMS/freeradius-1.0.4-2.1.20060mdk.x86_64.rpm
 16da145b1daefdb21ddf948840e5080d  x86_64/2006.0/RPMS/lib64freeradius1-1.0.4-2.1.20060mdk.x86_64.rpm
 8a31178431515a527b098eba3cae4d24  x86_64/2006.0/RPMS/lib64freeradius1-devel-1.0.4-2.1.20060mdk.x86_64.rpm
 ea2fac845a7de5897fc5a8cfc10aa567  x86_64/2006.0/RPMS/lib64freeradius1-krb5-1.0.4-2.1.20060mdk.x86_64.rpm
 df111b875358584ec03dc45c16a18cb5  x86_64/2006.0/RPMS/lib64freeradius1-ldap-1.0.4-2.1.20060mdk.x86_64.rpm
 a8b1ab60450cae42203318941f32a596  x86_64/2006.0/RPMS/lib64freeradius1-mysql-1.0.4-2.1.20060mdk.x86_64.rpm
 dad9cba86a4bbe8dd30d052853989094  x86_64/2006.0/RPMS/lib64freeradius1-postgresql-1.0.4-2.1.20060mdk.x86_64.rpm
 c058e7e6d30729aefa60dd7cf3fe3ab3  x86_64/2006.0/RPMS/lib64freeradius1-unixODBC-1.0.4-2.1.20060mdk.x86_64.rpm
 085c52e42b5cc7fc22837abd0f9c5139  x86_64/2006.0/SRPMS/freeradius-1.0.4-2.1.20060mdk.src.rpm

References