FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID: 379788f3-2900-11e5-a4a5-002590263bf5
Description: freeradius -- insufficient CRL application vulnerability

oCERT reports:

The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List (CRL) checks. The FreeRADIUS usage of OpenSSL, in CRL application, limits the checks to leaf certificates, therefore not detecting revocation of intermediate CA certificates.

An unexpired client certificate, issued by an intermediate CA with a revoked certificate, is therefore accepted by FreeRADIUS.

Specifically, FreeRADIUS sets the X509_V_FLAG_CRL_CHECK flag for leaf certificate CRL checks, but does not use X509_V_FLAG_CRL_CHECK_ALL for CRL checks on the complete trust chain.

The FreeRADIUS project advises that the recommended configuration is to use self-signed CAs for all EAP-TLS methods.

Discovery 2015-06-22
Entry 2015-07-13
freeradius2 < 2.2.8
freeradius3 < 3.0.9

CVE-2015-4680
ports/201058
ports/201059
http://www.ocert.org/advisories/ocert-2015-008.html
http://freeradius.org/security.html
VuXML ID: 79bbec7e-8141-11e7-b5af-a4badb2f4699
Description: FreeRadius -- Multiple vulnerabilities

Guido Vranken reports:

Multiple vulnerabilities found via fuzzing:
FR-GV-201 (v2,v3) Read / write overflow in make_secret()
FR-GV-202 (v2) Write overflow in rad_coalesce()
FR-GV-203 (v2) DHCP - Memory leak in decode_tlv()
FR-GV-204 (v2) DHCP - Memory leak in fr_dhcp_decode()
FR-GV-205 (v2) DHCP - Buffer over-read in fr_dhcp_decode_options()
FR-GV-206 (v2,v3) DHCP - Read overflow when decoding option 63
FR-GV-207 (v2) Zero-length malloc in data2vp()
FR-GV-301 (v3) Write overflow in data2vp_wimax()
FR-GV-302 (v3) Infinite loop and memory exhaustion with 'concat' attributes
FR-GV-303 (v3) DHCP - Infinite read in dhcp_attr2vp()
FR-GV-304 (v3) DHCP - Buffer over-read in fr_dhcp_decode_suboptions()
FR-GV-305 (v3) Decode 'signed' attributes correctly
FR-AD-001 (v2,v3) Use strncmp() instead of memcmp() for string data
FR-AD-002 (v3) String lifetime issues in rlm_python
FR-AD-003 (v3) Incorrect statement length passed into sqlite3_prepare

Discovery 2017-06-17
Entry 2017-08-14
freeradius3 < 3.0.15

http://freeradius.org/security/fuzzer-2017.html
VuXML ID: 0c2c4d84-42a2-11e5-9daa-14dae9d210b8
Description: freeradius3 -- insufficient validation on packets

Jouni Malinen reports:

The EAP-PWD module performed insufficient validation on packets received from an EAP peer. This module is not enabled in the default configuration. Administrators must manually enable it for their server to be vulnerable. Only versions 3.0 up to 3.0.8 are affected.

Discovery 2015-04-04
Entry 2015-08-14
freeradius3 < 3.0.8

http://freeradius.org/security.html#eap-pwd-2015
VuXML ID: 673dce46-46d0-11e7-a539-0050569f7e80
Description: FreeRADIUS -- TLS resumption authentication bypass

Stefan Winter reports:

The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.

Discovery 2017-02-03
Entry 2017-06-01
freeradius, freeradius2, freeradius3 < 3.0.14

CVE-2017-9148
http://freeradius.org/security.html
http://seclists.org/oss-sec/2017/q2/342
http://www.securityfocus.com/bid/98734