CERTA-2004-AVI-323
Vulnerability from certfr_avis
None
Description
Plusieurs vulnérabilités sont présentes dans le serveur d'authentification FreeRadius. Ces vulnérabilités permettent à un utilisateur mal intentionné de réaliser un déni de service du serveur d'authentification.
Solution
-
Installer les sources de la version corrigée de FreeRadius :
ftp://ftp.freeradius.org/pub/radius/freeradius-1.0.1.tar.gz -
Mettre à jour le port ou le paquetage FreeBSD.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| FreeRadius | FreeRADIUS | Ports FreeBSD de FreeRadius versions 0.8.0 à 1.0.0. | ||
| FreeRadius | FreeRADIUS | FreeRadius versions 1.x antérieures à la version 1.0.1 ; | ||
| FreeRadius | FreeRADIUS | FreeRadius 0.x ; |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ports FreeBSD de FreeRadius versions 0.8.0 \u00e0 1.0.0.",
"product": {
"name": "FreeRADIUS",
"vendor": {
"name": "FreeRadius",
"scada": false
}
}
},
{
"description": "FreeRadius versions 1.x ant\u00e9rieures \u00e0 la version 1.0.1 ;",
"product": {
"name": "FreeRADIUS",
"vendor": {
"name": "FreeRadius",
"scada": false
}
}
},
{
"description": "FreeRadius 0.x ;",
"product": {
"name": "FreeRADIUS",
"vendor": {
"name": "FreeRadius",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans le serveur\nd\u0027authentification FreeRadius. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un\nutilisateur mal intentionn\u00e9 de r\u00e9aliser un d\u00e9ni de service du serveur\nd\u0027authentification.\n\n## Solution\n\n- Installer les sources de la version corrig\u00e9e de FreeRadius :\n\n ftp://ftp.freeradius.org/pub/radius/freeradius-1.0.1.tar.gz\n\n- Mettre \u00e0 jour le port ou le paquetage FreeBSD.\n",
"cves": [],
"initial_release_date": "2004-09-21T00:00:00",
"last_revision_date": "2004-10-15T00:00:00",
"links": [
{
"title": "Avis de s\u00e9curit\u00e9 Secunia :",
"url": "http://secunia.com/advisories/12570/"
},
{
"title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT :",
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"title": "Note de vuln\u00e9rabilit\u00e9 FreeBSD du 13 octobre 2004 :",
"url": "http://www.vuxml.org/freebsd/20dfd134-1d39-11d9-9be9-000c6e8f12e.html"
}
],
"reference": "CERTA-2004-AVI-323",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2004-09-21T00:00:00.000000"
},
{
"description": "Ajout de la note FreeBSD et des avis de Secunia et de l\u0027US-CERT.",
"revision_date": "2004-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9s sous FreeRadius",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 FreeRadius",
"url": "http://www.freeradius.org/security.html"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…