| Summary: |
<net-dialup/freeradius-2.2.5: stack-based buffer overflow flaw in rlm_pap module (CVE-2014-2015) |
| Product: |
Gentoo Security
|
Reporter: |
Agostino Sarubbo <ago> |
| Component: |
Vulnerabilities | Assignee: |
Gentoo Security <security> |
| Status: |
RESOLVED
FIXED
|
|
|
| Severity: |
normal
|
CC: |
barzog, jer, net-dialup
|
| Priority: |
Normal
|
|
|
| Version: |
unspecified | |
|
| Hardware: |
All | |
|
| OS: |
Linux | |
|
| URL: |
https://bugzilla.redhat.com/show_bug.cgi?id=1066761
|
| Whiteboard: |
B2 [glsa] |
|
Package list:
|
|
Runtime testing required:
|
---
|
|---|
| Bug Depends on: |
489958
|
|
|
| Bug Blocks: |
|
|
|
From ${URL} : Pierre Carrier reported a stack-based buffer overflow flaw in the FreeRADIUS rlm_pap module. An authenticated user could trigger this issue by creating a large password, causing FreeRADIUS to crash. The stack protector and SSP variable re-ordering protections should help prevent this issue from being used to execute arbitrary code. Upstream fixes: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a.patch 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/ff5147c9e5088c7.patch master: https://github.com/FreeRADIUS/freeradius-server/commit/f610864d4c8f51d.patch References: http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.