Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes FreeRADIUS EAP-TTLS Denial of Service Vulnerability

Title : Fedora Security Update Fixes FreeRADIUS EAP-TTLS Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2007-1807
CVE ID : CVE-2007-2028
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-05-14

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service. This issue is caused by an error in FreeRADIUS. For additional information, see : VUPEN/ADV-2007-1369

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

b87ac2c3b9a0d2f81b0e0e175d7101ec63b1bb52 SRPMS/freeradius-1.1.3-2.fc6.src.rpm
b87ac2c3b9a0d2f81b0e0e175d7101ec63b1bb52 noarch/freeradius-1.1.3-2.fc6.src.rpm
47be4294154bd87144c4773578d2e0052f29b878 ppc/freeradius-unixODBC-1.1.3-2.fc6.ppc.rpm
b6ee3f5de204018e0ac5cd39494b11e6991a5aa1 ppc/freeradius-postgresql-1.1.3-2.fc6.ppc.rpm
7ef80da9c6deff16c248925e49e025ac5ba41b11 ppc/freeradius-1.1.3-2.fc6.ppc.rpm
77b469194a0dbd4d8887c3d096c339cdf2000268 ppc/debug/freeradius-debuginfo-1.1.3-2.fc6.ppc.rpm
5db96b453840969eec62965ef3e76413b8167722 ppc/freeradius-mysql-1.1.3-2.fc6.ppc.rpm
806e235238f224f34862266163ddfd788b6fc583 x86_64/freeradius-postgresql-1.1.3-2.fc6.x86_64.rpm
9e843478ff4462219f561e4c60623d92d167774c x86_64/debug/freeradius-debuginfo-1.1.3-2.fc6.x86_64.rpm
93709eae31be07b2aa6954083d4c8cf970332be8 x86_64/freeradius-1.1.3-2.fc6.x86_64.rpm
f49c756c55611e4abe61e5ed67418ad36108e588 x86_64/freeradius-unixODBC-1.1.3-2.fc6.x86_64.rpm
8dbd144559ff0cbe1383d3ed8faba7ab696a3877 x86_64/freeradius-mysql-1.1.3-2.fc6.x86_64.rpm
5536a3e6767c7d1cba2b4175505ee7effb25e56e i386/freeradius-1.1.3-2.fc6.i386.rpm
1e23a511f1c8890b7628f9ebbcecee115ff72f20 i386/debug/freeradius-debuginfo-1.1.3-2.fc6.i386.rpm
d54f5a38febba939593ced790efc141a0a17f186 i386/freeradius-mysql-1.1.3-2.fc6.i386.rpm
f977db80845dd6d854518b170c1b7ce342b96a10 i386/freeradius-postgresql-1.1.3-2.fc6.i386.rpm
2440622a196e0b6a50d6d625e8525046850f30e2 i386/freeradius-unixODBC-1.1.3-2.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1807
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00019.html

ChangeLog

2007-05-14 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy