FreeBSD Ports: Freeradius Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.freeradius.org/security.html#1.1.0 http://secunia.com/advisories/19300/ http://www.vuxml.org/freebsd/37a5c10f-bf56-11da-b0e9-00123ffe8333.html

Insight

The following package is affected: freeradius CVE-2006-1354 Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via 'Insufficient input validation' in the EAP-MSCHAPv2 state machine module.

Severity

Classification

CVE CVE-2006-1354
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: acroread
FreeBSD Ports: anubis
FreeBSD Ports: bogofilter
FreeBSD Ports: chromium
FreeBSD Ports: cacti

FreeBSD Ports: freeradius

Take action and discover your vulnerabilities