Gentoo Bug 34424 - FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability

First Last Prev Next No search results available Search page Enter new bug

Bug#:	34424
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Carsten Lohrke <carlo@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:		Requestee:
	Pending
	Approved
koon:	Assigned_To	()

Filename	Description	Type	Creator	Created	Size	Actions
smblib.c.diff	Fix for the rlm_smb vulnerability	patch	Thierry Carrez (RETIRED)	2004-04-03 03:12 0000	690 bytes	Details \| Diff
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 34424 depends on:			Show dependency tree
Bug 34424 blocks:			Show dependency tree

Votes:	0 Show votes for this bug Vote for this bug

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2003-11-26 09:59 0000

http://www.s-quadra.com/advisories/Adv-20031126.txt

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

------- Comment #1 From Thierry Carrez (RETIRED) 2004-04-01 08:26:38 0000 -------

Fix is in freeradius CVS, I am trying to get it for inclusion in our 0.9.3
ebuild.
-K

------- Comment #2 From Thierry Carrez (RETIRED) 2004-04-03 03:12:24 0000 -------

Created an attachment (id=28611) [details]
Fix for the rlm_smb vulnerability

This is the (trivial) fix extracted from FreeRadius CVS.

------- Comment #3 From Thierry Carrez (RETIRED) 2004-04-03 03:20:08 0000 -------

Can someone from the net-dialup herd include this fix in a freeradius-0.9.3-r1
ebuild ?

Thanks in advance,
-K

------- Comment #4 From Heinrich Wendel (RETIRED) 2004-04-03 05:20:58 0000 -------

added in freeradius-0.9.3-r1 and marked stable

------- Comment #5 From Thierry Carrez (RETIRED) 2004-04-03 09:44:16 0000 -------

Thanks Heinrich for the quick fix.

Vulnerability is an old one and appears in an experimental module, compiled only if you USE=frxp. Also given the unfortunate delay in resolution, a GLSA is probably not needed for this one.

Closing without GLSA.
-K

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 34424

FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability

Last modified: 2004-04-03 09:44:16 0000