Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871397
Category:Red Hat Local Security Checks
Title:RedHat Update for freeradius RHSA-2015:1287-01
Summary:The remote host is missing an update for the 'freeradius'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'freeradius'
package(s) announced via the referenced advisory.

Vulnerability Insight:
FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.

A stack-based buffer overflow was found in the way the FreeRADIUS rlm_pap
module handled long password hashes. An attacker able to make radiusd
process a malformed password hash could cause the daemon to crash.
(CVE-2014-2015)

The freeradius packages have been upgraded to upstream version 2.2.6, which
provides a number of bug fixes and enhancements over the previous version,
including:

* The number of dictionaries have been updated.

* This update implements several Extensible Authentication Protocol
(EAP) improvements.

* A number of new expansions have been added, including: %{randstr:...},
%{hex:...}, %{sha1:...}, %{base64:...}, %{tobase64:...}, and
%{base64tohex:...}.

* Hexadecimal numbers (0x...) are now supported in %{expr:...} expansions.

* This update adds operator support to the rlm_python module.

* The Dynamic Host Configuration Protocol (DHCP) and DHCP relay code have
been finalized.

* This update adds the rlm_cache module to cache arbitrary attributes.

For a complete list of bug fixes and enhancements provided by this rebase,
see the freeradius changelog linked to in the References section.

(BZ#1078736)

This update also fixes the following bugs:

* The /var/log/radius/radutmp file was configured to rotate at one-month
intervals, even though this was unnecessary. This update removes
/var/log/radius/radutmp from the installed logrotate utility configuration
in the /etc/logrotate.d/radiusd file, and /var/log/radius/radutmp is no
longer rotated. (BZ#904578)

* The radiusd service could not write the output file created by the
raddebug utility. The raddebug utility now sets appropriate ownership to
the output file, allowing radiusd to write the output. (BZ#921563)

* After starting raddebug using the 'raddebug -t 0' command, raddebug
exited immediately. A typo in the special case comparison has been fixed,
and raddebug now runs for 11.5 days in this situation. (BZ#921567)

* MS-CHAP authentication failed when the User-Name and MS-CHAP-User-Name
attributes used different encodings, even when the user provided correct
credentials. Now, MS-CHAP authentication properly handles mismatching
character encodings. Authentication with correct credentials no longer
fails in this situation. (BZ#1060319)

* Automatically generated default certificates used the SHA-1 algorithm
message digest, which is considered insecu ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
freeradius on Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-2015
BugTraq ID: 65581
http://www.securityfocus.com/bid/65581
http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html
http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html
http://www.openwall.com/lists/oss-security/2014/02/18/3
RedHat Security Advisories: RHSA-2015:1287
http://rhn.redhat.com/errata/RHSA-2015-1287.html
http://ubuntu.com/usn/usn-2122-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.