MDVSA-2009:227-1
- Package name
- freeradius
- Date
- 2010-01-11
- Advisory ID
- MDVSA-2009:227-1
- Affected versions
- 2008.0 i586 , 2008.0 x86_64
Problem description
A vulnerability has been found and corrected in freeradius:
The rad_decode function in FreeRADIUS before 1.1.8 allows remote
attackers to cause a denial of service (radiusd crash) via zero-length
Tunnel-Password attributes. NOTE: this is a regression error related
to CVE-2003-0967 (CVE-2009-3111).
This update provides a solution to this vulnerability.
Update:
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
Updated packages
2008.0 i586
5db7c7125fc6b64c4e19b41743a3d391 2008.0/i586/freeradius-1.1.7-2.1mdv2008.0.i586.rpm d59025aad5710dcf003b8edfe695848c 2008.0/i586/libfreeradius1-1.1.7-2.1mdv2008.0.i586.rpm 02aa3c297749e91957e097e9de134ce7 2008.0/i586/libfreeradius1-devel-1.1.7-2.1mdv2008.0.i586.rpm ddaa5a7e121c621798cf0358a245c5ce 2008.0/i586/libfreeradius1-krb5-1.1.7-2.1mdv2008.0.i586.rpm 1f0ea64c0787b93c42fb29fbd615baad 2008.0/i586/libfreeradius1-ldap-1.1.7-2.1mdv2008.0.i586.rpm c4f227f1f8f935148c0c7aeba688d3df 2008.0/i586/libfreeradius1-mysql-1.1.7-2.1mdv2008.0.i586.rpm 8f5eb11bfcf411b1854cec739a17e496 2008.0/i586/libfreeradius1-postgresql-1.1.7-2.1mdv2008.0.i586.rpm f44080d2bd42733cc640992d70f94399 2008.0/i586/libfreeradius1-unixODBC-1.1.7-2.1mdv2008.0.i586.rpm 088a48c14b01451f7799c2a0b3820f70 2008.0/SRPMS/freeradius-1.1.7-2.1mdv2008.0.src.rpm
2008.0 x86_64
d26be209e79a0da439d3489108650ea2 2008.0/x86_64/freeradius-1.1.7-2.1mdv2008.0.x86_64.rpm 082f9155c2f093e74c2186e708bebbe6 2008.0/x86_64/lib64freeradius1-1.1.7-2.1mdv2008.0.x86_64.rpm 4e3053bd6265f37ba4527c9738624473 2008.0/x86_64/lib64freeradius1-devel-1.1.7-2.1mdv2008.0.x86_64.rpm bc25d9c5adc3f7ce432fa20160616e45 2008.0/x86_64/lib64freeradius1-krb5-1.1.7-2.1mdv2008.0.x86_64.rpm 268827f99ffd55741d727725fc6236fd 2008.0/x86_64/lib64freeradius1-ldap-1.1.7-2.1mdv2008.0.x86_64.rpm 84f2e95d7c341e593d437cae273bf340 2008.0/x86_64/lib64freeradius1-mysql-1.1.7-2.1mdv2008.0.x86_64.rpm d3ea3f4db30aefbb571714904fa5f4fb 2008.0/x86_64/lib64freeradius1-postgresql-1.1.7-2.1mdv2008.0.x86_64.rpm a7a6e27406a4ec0bcdfc9a1399e21719 2008.0/x86_64/lib64freeradius1-unixODBC-1.1.7-2.1mdv2008.0.x86_64.rpm 088a48c14b01451f7799c2a0b3820f70 2008.0/SRPMS/freeradius-1.1.7-2.1mdv2008.0.src.rpm