Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: FreeRADIUS vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that FreeRADIUS did not correctly handle certain malformed attributes. A remote attacker could exploit this flaw and cause the FreeRADIUS server to crash, resulting in a denial of service.
Ubuntu Security Notice USN-832-1         September 16, 2009
freeradius vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  freeradius                      1.1.7-1ubuntu0.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that FreeRADIUS did not correctly handle certain 
malformed attributes. A remote attacker could exploit this flaw and cause
the FreeRADIUS server to crash, resulting in a denial of service.

Updated packages for Ubuntu 8.04 LTS:

  Source archives:
      Size/MD5:    29420 24046205ce4000d6936fffda082f1c56
      Size/MD5:     1089 f48ac81f667771d7867602f012de0ae1
      Size/MD5:  2673548 4bbdb04b5778b0703e62edb51fdf3e01

  Architecture independent packages:
      Size/MD5:   116132 0c597d55be61f8eb86218545a97a1909

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   655586 a5d8de1ce68ec51a637e5fbcb803db6c
      Size/MD5:    35026 d3518140284d52145cd4b7af58061dba
      Size/MD5:    35526 269e282963da95f8bf0fb6ebd13ebe59
      Size/MD5:    52338 2e7a50a19cb73bacdb6ce2980aaeeef8
      Size/MD5:    35310 9934a770a60b6e0bb27884b13ad65fad
      Size/MD5:    35398 dc0c40b8264b720a6a7a0ff2e84ecdc1
      Size/MD5:   797758 d64c394fe55cd69b6ac5d72143f75187

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   606818 a6c2dc55d5ba7608abb6eed82acfcc1e
      Size/MD5:    34594 b9cbc077759d123b38f40b5fcc591ac6
      Size/MD5:    35276 7e3fb463c80e7fbaa8ef8b80e008ef30
      Size/MD5:    51824 80688022b2a0b66420dd8455844e369c
      Size/MD5:    34838 b9da2e5a7b74b24d5914c8e55c258a7d
      Size/MD5:    34956 8dbb9423504cc0f6d3c0fd7ded42819d
      Size/MD5:   768668 c6c7869016c18ab096c5a6c303ee4639

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   616284 5c6e1f2aa8c06c4caa8d5ca35661c317
      Size/MD5:    34430 b8621d65be2cefe3860ec5075f4c0807
      Size/MD5:    35238 13f31fff6a5e77e9784c3396eea9a811
      Size/MD5:    51932 ab7fd210c158808b29d7bf253d79ba63
      Size/MD5:    34750 078e6c6e37906da714259410bf22d005
      Size/MD5:    34964 2b3eb937c8e0fbe4bd38ebcdf5de597f
      Size/MD5:   767560 5651ba8b7338f081d84d5b7d0ef3acdd

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   668716 e3aabf2b75986af97aaeaad49c485151
      Size/MD5:    37088 067bdcd108ae7d6094a2321fb9ace73a
      Size/MD5:    37706 ea32be50c41a6412d902e84f85e1b269
      Size/MD5:    54942 71d39cb3d82eb6bbed160cba2cacb221
      Size/MD5:    37348 1e556e8a696bf60860499313a72d84b2
      Size/MD5:    37520 ae55203e58c7e00efbf2c333a6764c20
      Size/MD5:   865766 d5f02a2bde7b7da25d08fbd513b9b9ed

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   578502 e5d53135829d6b7fc1a971d5d066da67
      Size/MD5:    34366 9ed3c394b2dcb0541ebc88dceeb7e16d
      Size/MD5:    35212 729794ada8ceaa58d66b957105ba7108
      Size/MD5:    51208 ae2993659065f694259ca27aaa9517b4
      Size/MD5:    34682 10345506d4f5f881824cd3936c050e7a
      Size/MD5:    34796 2cb01627453736d36bb96d158231fdf7
      Size/MD5:   772458 e954a14e2dbd7182eef2484463cdd13f

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

Version: GnuPG v1.4.9 (GNU/Linux)



--=============='64421466633167997=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

ubuntu-security-announce mailing list
Modify settings or unsubscribe at:

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Tech Companies, Privacy Advocates Call for NSA Reform
Google warns of unauthorized TLS certificates trusted by almost all OSes
How Kevin Mitnick hacked the audience at CeBIT 2015
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.