FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1b3f854b-e4bd-11de-b276-000d8787e1befreeradius -- remote packet of death vulnerability

freeRADIUS Vulnerability Notifications reports:

2009.09.09 v1.1.7 - Anyone who can send packets to the server can crash it by sending a Tunnel-Password attribute in an Access-Request packet. This vulnerability is not otherwise exploitable. We have released 1.1.8 to correct this vulnerability.

This issue is similar to the previous Tunnel-Password issue noted below. The vulnerable versions are 1.1.3 through 1.1.7. Version 2.x is not affected.


Discovery 2009-09-09
Entry 2009-12-14
Modified 2009-12-14
freeradius
< 1.1.8

CVE-2009-3111
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3111
http://freeradius.org/security.html
http://www.milw0rm.com/exploits/9642
673dce46-46d0-11e7-a539-0050569f7e80FreeRADIUS -- TLS resumption authentication bypass

Stefan Winter reports:

The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.


Discovery 2017-02-03
Entry 2017-06-01
freeradius
freeradius2
freeradius3
< 3.0.14

CVE-2017-9148
http://freeradius.org/security.html
http://seclists.org/oss-sec/2017/q2/342
http://www.securityfocus.com/bid/98734
ec2f2ff5-f710-11da-9156-000e0c2e438afreeradius -- multiple vulnerabilities

The freeradious development team reports:

Multiple issues exist with version 1.0.4, and all prior versions of the server. Externally exploitable vulnerabilities exist only for sites that use the rlm_sqlcounter module. Those sites may be vulnerable to SQL injection attacks, similar to the issues noted below. All sites that have not deployed the rlm_sqlcounter module are not vulnerable to external exploits.

The issues are:

SQL Injection attack in the rlm_sqlcounter module.

Buffer overflow in the rlm_sqlcounter module, that may cause a server crash.

Buffer overflow while expanding %t, that may cause a server crash.


Discovery 2005-09-09
Entry 2006-06-08
freeradius
ge 1.0.0 le 1.0.4

17171
CVE-2005-4744
37a5c10f-bf56-11da-b0e9-00123ffe8333freeradius -- EAP-MSCHAPv2 Authentication Bypass

Freeradius Security Contact reports:

Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassing could also result in the server crashing.


Discovery 2006-03-21
Entry 2006-03-29
freeradius
ge 1.0.0 lt 1.1.1

CVE-2006-1354
http://www.freeradius.org/security.html#1.1.0
http://secunia.com/advisories/19300/
2fbe16c2-cab6-11d9-9aed-000e0c2e438afreeradius -- sql injection and denial of service vulnerability

A Gentoo Advisory reports:

The FreeRADIUS server is vulnerable to an SQL injection attack and a buffer overflow, possibly resulting in disclosure and modification of data and Denial of Service.


Discovery 2005-05-17
Entry 2005-05-22
Modified 2008-01-20
freeradius
le 1.0.2_1

freeradius-devel
le 1.0.2

13540
13541
http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml
c110eda2-e995-11db-a944-0012f06707f0freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability

The freeradius development team reports:

A malicious 802.1x supplicant could send malformed Diameter format attributes inside of an EAP-TTLS tunnel. The server would reject the authentication request, but would leak one VALUE_PAIR data structure, of approximately 300 bytes. If an attacker performed the attack many times (e.g. thousands or more over a period of minutes to hours), the server could leak megabytes of memory, potentially leading to an "out of memory" condition, and early process exit.


Discovery 2007-04-10
Entry 2007-04-13
Modified 2010-05-12
freeradius
freeradius-mysql
le 1.1.5

23466
CVE-2005-1455
CVE-2005-1454
CVE-2007-2028
CVE-2005-4745
http://www.freeradius.org/security.html
1a216dfd-f710-11da-9156-000e0c2e438afreeradius -- authentication bypass vulnerability

The freeradius development team reports:

A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 (where the module first appeared) to 1.1.0. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassing could also result in the server crashing


Discovery 2006-06-03
Entry 2006-06-08
freeradius
gt 1.0.0 le 1.1.0

17293
CVE-2006-1354