The remote host is missing updates announced in advisory RHSA-2009:1451. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. An input validation flaw was discovered in the way FreeRADIUS decoded specific RADIUS attributes from RADIUS packets. A remote attacker could use this flaw to crash the RADIUS daemon (radiusd) via a specially-crafted RADIUS packet. (CVE-2009-3111) Users of FreeRADIUS are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, radiusd will be restarted automatically.
Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
Updated on 2017-03-28