ports/141318: FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
Danilo G. Baio
dbaio at bs2.com.br
Wed Dec 9 13:40:01 UTC 2009
>Number: 141318
>Category: ports
>Synopsis: FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 09 13:40:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Danilo G. Baio
>Release: 7.2-8.0
>Organization:
BS2 Internet
>Environment:
>Description:
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="1b3f854b-e4bd-11de-b276-000d8787e1be">
    <topic> freeradius -- A free RADIUS server implementation </topic>
    <affects>
      <package>
        <name>freeradius</name>
        <range><le>1.1.7_4</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
        <p>freeRADIUS Vulnerability Notifications reports:</p>
        <blockquote cite="http://freeradius.org/security.html">
          <p>2009.09.09 v1.1.7 - Anyone who can send packets to
            the server can crash it by sending a Tunnel-Password
            attribute in an Access-Request packet. This
            vulnerability is not otherwise exploitable. We have
            released 1.1.8 to correct this vulnerability.
            This issue is similar to the previous Tunnel-Password
            issue noted below. The vulnerable versions are 1.1.3
            through 1.1.7. Version 2.x is not affected.
          </p>
        </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2009-3111</cvename>
      <url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3111</url>
      <url>http://freeradius.org/security.html</url>
      <url>http://www.milw0rm.com/exploits/9642</url>
    </references>
    <dates>
      <discovery>2009-09-09</discovery>
      <entry>2009-12-09</entry>
    </dates>
  </vuln>
</vuxml>
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: