Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 33989 - freeradius heap exploit before version 0.9.3
Summary: freeradius heap exploit before version 0.9.3
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-20 23:05 UTC by Oliver Graf
Modified: 2003-11-25 11:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
New freeradius ebuild for fixed version 0.9.3 (freeradius-0.9.3.ebuild,2.83 KB, text/plain)
2003-11-20 23:07 UTC, Oliver Graf 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Oliver Graf 2003-11-20 23:05:26 UTC 
freeradius has a heap exploit in all versions before 0.9.3. It is possible for
an attacker to DOS the radius server.

Solution: upgrade to 0.9.3

Reproducible: Always
Steps to Reproduce:
Send a compromised RADIUS paket to the server. It needs to have a
Tunnel-Password attribute inside.
Actual Results:  
The server crashes.

Expected Results:  
The server should not crash.

See release notes on http://freeradius.org/
Comment 1 Oliver Graf 2003-11-20 23:07:09 UTC 
Created attachment 21018 [details]
New freeradius ebuild for fixed version 0.9.3

An version bounced ebuild of the 0.9.0 ebuild I submitted some months ago.

This is version 0.9.3 which has the heap dos exploit fixed.
Comment 2 Oliver Graf 2003-11-21 07:08:21 UTC 
The original release mail for version 0.9.3 is here:
http://lists.cistron.nl/archives/freeradius-users/2003/11/msg00614.html

Oliver.
Comment 3 Ryan Phillips (RETIRED) gentoo-dev 2003-11-21 09:10:10 UTC 
Committed.
Comment 4 solar (RETIRED) gentoo-dev 2003-11-22 17:39:27 UTC 
This is ready for a GLSA now.
Comment 5 Ryan Phillips (RETIRED) gentoo-dev 2003-11-24 09:52:10 UTC 
Rajiv: could you release a GLSA for this?
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2003-11-25 11:38:40 UTC 
GLSA 200311-04 sent out.