Executive Summary

Summary
Title FreeRADIUS: Arbitrary code execution
Informations
Name GLSA-201406-12 First vendor Publication 2014-06-15
Vendor Gentoo Last vendor Modification 2014-06-15
Severity (Vendor) High Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

A vulnerability in FreeRADIUS can lead to arbitrary code execution or Denial of Service by authenticated users.

Background

FreeRADIUS is an open source RADIUS authentication server.

Description

Large passwords can trigger a stack-based buffer overflow in FreeRADIUS's rlm_pap module when authenticating against an LDAP server.

Impact

An authenticated user could set a specially crafted long password, possibly leading to arbitrary code execution or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All FreeRADIUS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dialup/freeradius-2.2.5"

References

[ 1 ] CVE-2014-2015 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2015

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201406-12.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201406-12.xml

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24409
 
Oval ID: oval:org.mitre.oval:def:24409
Title: USN-2122-1 -- freeradius vulnerabilities
Description: Several security issues were fixed in FreeRADIUS.
Family: unix Class: patch
Reference(s): USN-2122-1
CVE-2011-4966
CVE-2014-2015
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): freeradius
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25164
 
Oval ID: oval:org.mitre.oval:def:25164
Title: SUSE-SU-2014:0525-1 -- Security update for freeradius
Description: This update fixes a denial of service (crash) security issue rlm_pap hash processing in FreeRadius, which could have been caused by special passwords fed into the RLM-PAP password checking method via LDAP by remote attackers. Security Issue reference: * CVE-2014-2015 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2015 >
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0525-1
CVE-2014-2015
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): freeradius
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 24

Nessus® Vulnerability Scanner

Date Description
2017-06-06 Name : The remote Debian host is missing a security update.
File : debian_DLA-977.nasl - Type : ACT_GATHER_INFO
2015-08-18 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-581.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150722_freeradius_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1287.nasl - Type : ACT_GATHER_INFO
2015-07-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1287.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1287.nasl - Type : ACT_GATHER_INFO
2014-06-16 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-12.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-191.nasl - Type : ACT_GATHER_INFO
2014-04-15 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_freeradius-server-140228.nasl - Type : ACT_GATHER_INFO
2014-03-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-058.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Fedora host is missing a security update.
File : fedora_2014-3184.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Fedora host is missing a security update.
File : fedora_2014-3192.nasl - Type : ACT_GATHER_INFO
2014-02-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2122-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-11-04 09:28:35
  • Multiple Updates
2014-11-02 09:29:01
  • Multiple Updates
2014-06-17 13:25:41
  • Multiple Updates
2014-06-15 05:21:01
  • First insertion