Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-3111 (GCVE-0-2009-3111)
Vulnerability from cvelistv5
Published
2009-09-09 18:00
Modified
2024-08-07 06:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:56.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name": "SUSE-SR:2009:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name": "36509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36509"
},
{
"name": "oval:org.mitre.oval:def:9919",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "ADV-2009-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "SUSE-SR:2009:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name": "RHSA-2009:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name": "SUSE-SR:2009:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name": "36509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36509"
},
{
"name": "oval:org.mitre.oval:def:9919",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "ADV-2009-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "SUSE-SR:2009:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name": "RHSA-2009:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
"refsource": "CONFIRM",
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"refsource": "MLIST",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name": "36509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36509"
},
{
"name": "oval:org.mitre.oval:def:9919",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name": "RHSA-2009:1451",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3111",
"datePublished": "2009-09-09T18:00:00",
"dateReserved": "2009-09-09T00:00:00",
"dateUpdated": "2024-08-07T06:14:56.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-3111\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-09-09T18:30:00.860\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n rad_decode FreeRADIUS anterior a v1.1.8, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de radiusd) a trav\u00e9s de los atributos zero-length Tunnel-Password. NOTA: esto es una regresi\u00f3n al error relacionado con el CVE-2003-0967.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.7\",\"matchCriteriaId\":\"F6D6F259-6145-48C9-A81B-5A331F43A76D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AEDD86F-92B9-43EC-80E3-54010E249FC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFDB110B-4057-4BA4-993A-9DA14888A093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C8708B-4D1A-48A7-87DF-DF4B53E66D06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0369C1A6-A0FE-4BF8-89F5-5ED384565DAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1638CC08-8886-4863-8532-883A8616592F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4FD4F2-0449-4562-ABF2-927206CB77DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"636F3F00-97A5-4497-A6A9-722AFC5BD689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EECDFCD7-0189-4C59-842D-C5F9064033A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD634946-ED9B-47EB-8D0F-88EA6057D17C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49152208-4DBD-4AF7-BCB3-3D56650899F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90AF846A-F239-4963-B260-7CB48334B8B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E95ADE53-BFBE-4B06-A1BF-EF576D567554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C48FE12-68CB-462D-B75E-204894325F5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1321F1E7-4B14-4B16-91D0-AE9E9951D12A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"313EFEC5-1580-4ACE-BB9C-84E3714F2C37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B93BEF0-09C1-4DF8-8761-582DE975F306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F927232-6275-497E-BF09-B4DCF19642C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F07F89D7-504B-4892-9840-A3FED5274F5A\"}]}]}],\"references\":[{\"url\":\"http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://intevydis.com/vd-list.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36509\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3937\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/09/09/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1451.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/36263\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3184\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://intevydis.com/vd-list.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/36509\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/09/09/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1451.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/36263\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
rhsa-2009_1451
Vulnerability from csaf_redhat
Published
2009-09-17 14:38
Modified
2024-11-22 03:00
Summary
Red Hat Security Advisory: freeradius security update
Notes
Topic
Updated freeradius packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.
An input validation flaw was discovered in the way FreeRADIUS decoded
specific RADIUS attributes from RADIUS packets. A remote attacker could use
this flaw to crash the RADIUS daemon (radiusd) via a specially-crafted
RADIUS packet. (CVE-2009-3111)
Users of FreeRADIUS are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, radiusd will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated freeradius packages that fix a security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRADIUS is a high-performance and highly configurable free Remote\nAuthentication Dial In User Service (RADIUS) server, designed to allow\ncentralized authentication and authorization for a network.\n\nAn input validation flaw was discovered in the way FreeRADIUS decoded\nspecific RADIUS attributes from RADIUS packets. A remote attacker could use\nthis flaw to crash the RADIUS daemon (radiusd) via a specially-crafted\nRADIUS packet. (CVE-2009-3111)\n\nUsers of FreeRADIUS are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, radiusd will be restarted automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1451",
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1451.json"
}
],
"title": "Red Hat Security Advisory: freeradius security update",
"tracking": {
"current_release_date": "2024-11-22T03:00:39+00:00",
"generator": {
"date": "2024-11-22T03:00:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1451",
"initial_release_date": "2009-09-17T14:38:00+00:00",
"revision_history": [
{
"date": "2009-09-17T14:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-09-17T10:45:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:00:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3111",
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521912"
}
],
"notes": [
{
"category": "description",
"text": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3111"
},
{
"category": "external",
"summary": "RHBZ#521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111"
}
],
"release_date": "2009-09-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-17T14:38:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967"
}
]
}
rhsa-2009:1451
Vulnerability from csaf_redhat
Published
2009-09-17 14:38
Modified
2025-10-09 13:22
Summary
Red Hat Security Advisory: freeradius security update
Notes
Topic
Updated freeradius packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.
An input validation flaw was discovered in the way FreeRADIUS decoded
specific RADIUS attributes from RADIUS packets. A remote attacker could use
this flaw to crash the RADIUS daemon (radiusd) via a specially-crafted
RADIUS packet. (CVE-2009-3111)
Users of FreeRADIUS are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, radiusd will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated freeradius packages that fix a security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRADIUS is a high-performance and highly configurable free Remote\nAuthentication Dial In User Service (RADIUS) server, designed to allow\ncentralized authentication and authorization for a network.\n\nAn input validation flaw was discovered in the way FreeRADIUS decoded\nspecific RADIUS attributes from RADIUS packets. A remote attacker could use\nthis flaw to crash the RADIUS daemon (radiusd) via a specially-crafted\nRADIUS packet. (CVE-2009-3111)\n\nUsers of FreeRADIUS are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, radiusd will be restarted automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1451",
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1451.json"
}
],
"title": "Red Hat Security Advisory: freeradius security update",
"tracking": {
"current_release_date": "2025-10-09T13:22:06+00:00",
"generator": {
"date": "2025-10-09T13:22:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2009:1451",
"initial_release_date": "2009-09-17T14:38:00+00:00",
"revision_history": [
{
"date": "2009-09-17T14:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-09-17T10:45:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:22:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3111",
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521912"
}
],
"notes": [
{
"category": "description",
"text": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3111"
},
{
"category": "external",
"summary": "RHBZ#521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111"
}
],
"release_date": "2009-09-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-17T14:38:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967"
}
]
}
RHSA-2009:1451
Vulnerability from csaf_redhat
Published
2009-09-17 14:38
Modified
2025-10-09 13:22
Summary
Red Hat Security Advisory: freeradius security update
Notes
Topic
Updated freeradius packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
FreeRADIUS is a high-performance and highly configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.
An input validation flaw was discovered in the way FreeRADIUS decoded
specific RADIUS attributes from RADIUS packets. A remote attacker could use
this flaw to crash the RADIUS daemon (radiusd) via a specially-crafted
RADIUS packet. (CVE-2009-3111)
Users of FreeRADIUS are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, radiusd will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated freeradius packages that fix a security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRADIUS is a high-performance and highly configurable free Remote\nAuthentication Dial In User Service (RADIUS) server, designed to allow\ncentralized authentication and authorization for a network.\n\nAn input validation flaw was discovered in the way FreeRADIUS decoded\nspecific RADIUS attributes from RADIUS packets. A remote attacker could use\nthis flaw to crash the RADIUS daemon (radiusd) via a specially-crafted\nRADIUS packet. (CVE-2009-3111)\n\nUsers of FreeRADIUS are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, radiusd will be restarted automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1451",
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1451.json"
}
],
"title": "Red Hat Security Advisory: freeradius security update",
"tracking": {
"current_release_date": "2025-10-09T13:22:06+00:00",
"generator": {
"date": "2025-10-09T13:22:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2009:1451",
"initial_release_date": "2009-09-17T14:38:00+00:00",
"revision_history": [
{
"date": "2009-09-17T14:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-09-17T10:45:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:22:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-debuginfo@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-mysql@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-unixODBC@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius@1.1.3-1.5.el5_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_id": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freeradius-postgresql@1.1.3-1.5.el5_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.src"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
},
"product_reference": "freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3111",
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521912"
}
],
"notes": [
{
"category": "description",
"text": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3111"
},
{
"category": "external",
"summary": "RHBZ#521912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521912"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111"
}
],
"release_date": "2009-09-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-17T14:38:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1451"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.src",
"5Client-Workstation:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Client-Workstation:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-0:1.1.3-1.5.el5_4.src",
"5Server:freeradius-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-debuginfo-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-mysql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-postgresql-0:1.1.3-1.5.el5_4.x86_64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.i386",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ia64",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.ppc",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.s390x",
"5Server:freeradius-unixODBC-0:1.1.3-1.5.el5_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FreeRADIUS: Missing check for Tunnel-Password attributes with zero length (DoS) -- re-appearance of CVE-2003-0967"
}
]
}
ghsa-q2fp-fcx5-hff3
Vulnerability from github
Published
2022-05-02 03:41
Modified
2022-05-02 03:41
VLAI Severity ?
Details
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
{
"affected": [],
"aliases": [
"CVE-2009-3111"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-09-09T18:30:00Z",
"severity": "MODERATE"
},
"details": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"id": "GHSA-q2fp-fcx5-hff3",
"modified": "2022-05-02T03:41:47Z",
"published": "2022-05-02T03:41:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3111"
},
{
"type": "WEB",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"type": "WEB",
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"type": "WEB",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36509"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3937"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/3184"
}
],
"schema_version": "1.4.0",
"severity": []
}
CERTA-2009-AVI-487
Vulnerability from certfr_avis
De multiples vulnérabilités dans Apple MacOS X permettent entre autres l'exécution de code arbitraire à distance.
Description
L'éditeur Apple a publié un ensemble de correctifs pour les applications livrées avec son système d'exploitation Mac OS X. L'exploitation des vulnérabilités par une personne malintentionnée pourrait permettre, entre autres, l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mac OS X 10.5 ;",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X 10.6 ;",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Server 10.5 ;",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Server 10.6.",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nL\u0027\u00e9diteur Apple a publi\u00e9 un ensemble de correctifs pour les applications\nlivr\u00e9es avec son syst\u00e8me d\u0027exploitation Mac OS X. L\u0027exploitation des\nvuln\u00e9rabilit\u00e9s par une personne malintentionn\u00e9e pourrait permettre,\nentre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-2832",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2832"
},
{
"name": "CVE-2009-3293",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3293"
},
{
"name": "CVE-2009-2820",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2820"
},
{
"name": "CVE-2009-1890",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1890"
},
{
"name": "CVE-2009-3292",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3292"
},
{
"name": "CVE-2009-2839",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2839"
},
{
"name": "CVE-2009-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2825"
},
{
"name": "CVE-2009-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2810"
},
{
"name": "CVE-2009-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2411"
},
{
"name": "CVE-2009-2408",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2408"
},
{
"name": "CVE-2009-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2416"
},
{
"name": "CVE-2009-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2798"
},
{
"name": "CVE-2007-6698",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6698"
},
{
"name": "CVE-2009-2833",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2833"
},
{
"name": "CVE-2009-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2203"
},
{
"name": "CVE-2009-2823",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2823"
},
{
"name": "CVE-2009-2840",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2840"
},
{
"name": "CVE-2009-2824",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2824"
},
{
"name": "CVE-2009-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2819"
},
{
"name": "CVE-2009-1891",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1891"
},
{
"name": "CVE-2009-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0023"
},
{
"name": "CVE-2009-2838",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2838"
},
{
"name": "CVE-2009-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
},
{
"name": "CVE-2009-2818",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2818"
},
{
"name": "CVE-2009-1956",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1956"
},
{
"name": "CVE-2007-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
},
{
"name": "CVE-2008-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0658"
},
{
"name": "CVE-2009-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2412"
},
{
"name": "CVE-2009-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1195"
},
{
"name": "CVE-2009-1191",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1191"
},
{
"name": "CVE-2009-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2808"
},
{
"name": "CVE-2009-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2830"
},
{
"name": "CVE-2008-5161",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
},
{
"name": "CVE-2009-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
},
{
"name": "CVE-2009-2829",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2829"
},
{
"name": "CVE-2009-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2826"
},
{
"name": "CVE-2009-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2414"
},
{
"name": "CVE-2009-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2285"
},
{
"name": "CVE-2009-3291",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3291"
},
{
"name": "CVE-2009-2837",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2837"
},
{
"name": "CVE-2009-2409",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2409"
},
{
"name": "CVE-2009-2836",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2836"
},
{
"name": "CVE-2009-2799",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2799"
},
{
"name": "CVE-2009-1574",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
},
{
"name": "CVE-2009-2835",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2835"
},
{
"name": "CVE-2009-2831",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2831"
},
{
"name": "CVE-2009-3235",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3235"
},
{
"name": "CVE-2009-1955",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1955"
},
{
"name": "CVE-2009-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2828"
},
{
"name": "CVE-2009-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2202"
}
],
"initial_release_date": "2009-11-10T00:00:00",
"last_revision_date": "2009-11-10T00:00:00",
"links": [],
"reference": "CERTA-2009-AVI-487",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-11-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple MacOS X permettent entre autres\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple MacOS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT3937 du 09 novembre 2009",
"url": "http://docs.info.apple.com/article.html?artnum=HT3937"
}
]
}
CERTA-2009-AVI-384
Vulnerability from certfr_avis
Une vulnérabilité présente dans FreeRADIUS permet à un utilisateur distant de provoquer un déni de service.
Description
Une vulnérabilité est présente dans FreeRADIUS. Elle est relative à la fonction rad_decode() et permet à un utilisateur distant de provoquer un déni de service par le biais d'un paquet de demande d'accès (Access-Request) construit de façon particulière.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
La version 1.1.8 corrige le problème :
http://www.freeradius.org
FreeRADIUS versions 1.1.3 à 1.1.7.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eFreeRADIUS versions 1.1.3 \u00e0 1.1.7.\u003c/p\u003e",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 est pr\u00e9sente dans FreeRADIUS. Elle est relative \u00e0 la\nfonction rad_decode() et permet \u00e0 un utilisateur distant de provoquer un\nd\u00e9ni de service par le biais d\u0027un paquet de demande d\u0027acc\u00e8s\n(Access-Request) construit de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 1.1.8 corrige le probl\u00e8me :\n\n http://www.freeradius.org\n",
"cves": [
{
"name": "CVE-2009-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
}
],
"initial_release_date": "2009-09-11T00:00:00",
"last_revision_date": "2009-09-25T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-832-1 du 16 septembre 2009 : http://www.ubuntu.com/usn/USN-832-1",
"url": "https://www.ubuntu.com/usn/USN-832-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2009:1451-1 du 17 septembre 2009 :",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1451.html"
}
],
"reference": "CERTA-2009-AVI-384",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-09-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins RedHat et Ubuntu.",
"revision_date": "2009-09-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans \u003cspan class=\"textit\"\u003eFreeRADIUS\u003c/span\u003e\npermet \u00e0 un utilisateur distant de provoquer un d\u00e9ni de service.\n",
"title": "Vuln\u00e9rabilit\u00e9 de FreeRADIUS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 FreeRADIUS du 09 septembre 2009",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
}
]
}
fkie_cve-2009-3111
Vulnerability from fkie_nvd
Published
2009-09-09 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4 | Patch | |
| cve@mitre.org | http://intevydis.com/vd-list.shtml | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/36509 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3937 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2009/09/09/1 | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1451.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/36263 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/3184 | ||
| cve@mitre.org | https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://intevydis.com/vd-list.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36509 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3937 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2009/09/09/1 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1451.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/36263 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/3184 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freeradius | freeradius | * | |
| freeradius | freeradius | 0.2 | |
| freeradius | freeradius | 0.3 | |
| freeradius | freeradius | 0.4 | |
| freeradius | freeradius | 0.5 | |
| freeradius | freeradius | 0.8 | |
| freeradius | freeradius | 0.8.1 | |
| freeradius | freeradius | 0.9 | |
| freeradius | freeradius | 0.9.1 | |
| freeradius | freeradius | 0.9.2 | |
| freeradius | freeradius | 0.9.3 | |
| freeradius | freeradius | 1.0.0 | |
| freeradius | freeradius | 1.0.1 | |
| freeradius | freeradius | 1.0.2 | |
| freeradius | freeradius | 1.0.3 | |
| freeradius | freeradius | 1.0.4 | |
| freeradius | freeradius | 1.0.5 | |
| freeradius | freeradius | 1.1.0 | |
| freeradius | freeradius | 1.1.3 | |
| freeradius | freeradius | 1.1.5 | |
| freeradius | freeradius | 1.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D6F259-6145-48C9-A81B-5A331F43A76D",
"versionEndIncluding": "1.1.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90AF846A-F239-4963-B260-7CB48334B8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1321F1E7-4B14-4B16-91D0-AE9E9951D12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "313EFEC5-1580-4ACE-BB9C-84E3714F2C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B93BEF0-09C1-4DF8-8761-582DE975F306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F927232-6275-497E-BF09-B4DCF19642C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F89D7-504B-4892-9840-A3FED5274F5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
},
{
"lang": "es",
"value": "La funci\u00f3n rad_decode FreeRADIUS anterior a v1.1.8, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de radiusd) a trav\u00e9s de los atributos zero-length Tunnel-Password. NOTA: esto es una regresi\u00f3n al error relacionado con el CVE-2003-0967."
}
],
"id": "CVE-2009-3111",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-09T18:30:00.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"source": "cve@mitre.org",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/36509"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3937"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"source": "cve@mitre.org",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2009-3111
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-3111",
"description": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"id": "GSD-2009-3111",
"references": [
"https://www.suse.com/security/cve/CVE-2009-3111.html",
"https://access.redhat.com/errata/RHSA-2009:1451",
"https://linux.oracle.com/cve/CVE-2009-3111.html",
"https://packetstormsecurity.com/files/cve/CVE-2009-3111"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-3111"
],
"details": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.",
"id": "GSD-2009-3111",
"modified": "2023-12-13T01:19:49.323769Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
"refsource": "CONFIRM",
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"refsource": "MLIST",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name": "36509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36509"
},
{
"name": "oval:org.mitre.oval:def:9919",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name": "RHSA-2009:1451",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3111"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name": "RHSA-2009:1451",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3937"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"tags": [],
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name": "36263",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name": "36509",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/36509"
},
{
"name": "oval:org.mitre.oval:def:9919",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-09-19T01:29Z",
"publishedDate": "2009-09-09T18:30Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…