Lucene search
RedHatRHSA-2007:0338HistoryMay 10, 2007 - 12:00 a.m.
(RHSA-2007:0338) Moderate: freeradius security update
2007-05-1000:00:00
access.redhat.com
13
EPSS
0.016
Percentile
87.5%
FreeRADIUS is a high-performance and highly configurable free RADIUS server
designed to allow centralized authentication and authorization for a network.
A memory leak flaw was found in the way FreeRADIUS parses certain
authentication requests. A remote attacker could send a specially crafted
authentication request which could cause FreeRADIUS to leak a small amount
of memory. If enough of these requests are sent, the FreeRADIUS daemon
would consume a vast quantity of system memory leading to a possible denial
of service. (CVE-2007-2028)
Users of FreeRADIUS should update to these erratum packages, which contain a
backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | s390x | freeradius-mysql | < 1.1.3-1.2.el5 | freeradius-mysql-1.1.3-1.2.el5.s390x.rpm |
| RedHat | any | ppc | freeradius-unixodbc | < 1.0.1-3.RHEL4.5 | freeradius-unixODBC-1.0.1-3.RHEL4.5.ppc.rpm |
| RedHat | 5 | x86_64 | freeradius-unixodbc | < 1.1.3-1.2.el5 | freeradius-unixODBC-1.1.3-1.2.el5.x86_64.rpm |
| RedHat | 5 | ppc | freeradius-unixodbc | < 1.1.3-1.2.el5 | freeradius-unixODBC-1.1.3-1.2.el5.ppc.rpm |
| RedHat | any | s390 | freeradius-postgresql | < 1.0.1-3.RHEL4.5 | freeradius-postgresql-1.0.1-3.RHEL4.5.s390.rpm |
| RedHat | any | ppc | freeradius-postgresql | < 1.0.1-3.RHEL4.5 | freeradius-postgresql-1.0.1-3.RHEL4.5.ppc.rpm |
| RedHat | any | ia64 | freeradius-unixodbc | < 1.0.1-3.RHEL4.5 | freeradius-unixODBC-1.0.1-3.RHEL4.5.ia64.rpm |
| RedHat | any | s390x | freeradius | < 1.0.1-2.RHEL3.4 | freeradius-1.0.1-2.RHEL3.4.s390x.rpm |
| RedHat | any | i386 | freeradius | < 1.0.1-2.RHEL3.4 | freeradius-1.0.1-2.RHEL3.4.i386.rpm |
| RedHat | any | src | freeradius | < 1.0.1-3.RHEL4.5 | freeradius-1.0.1-3.RHEL4.5.src.rpm |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200704-14 (FreeRADIUS)
2008-09-24 00:00:00
Mandriva Update for freeradius MDKSA-2007:085 (freeradius)
2009-04-09 00:00:00
Oracle: Security Advisory (ELSA-2007-0338)
2015-10-08 00:00:00
nessus
nessus
SuSE 10 Security Update : freeradius (ZYPP Patch Number 3287)
2007-12-13 00:00:00
Fedora Core 6 : freeradius-1.1.3-2.fc6 (2007-499)
2007-05-16 00:00:00
openSUSE 10 Security Update : freeradius (freeradius-3286)
2007-10-17 00:00:00
cve
cve
CVE-2007-2028
2007-04-13 18:19:00
securityvulns
securityvulns
FreeRADIUS memory leak
2007-04-16 00:00:00
oraclelinux
oraclelinux
Moderate: freeradius security update
2007-05-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:55
cvelist
cvelist
CVE-2007-2028
2007-04-13 18:00:00
ubuntucve
ubuntucve
CVE-2007-2028
2007-04-13 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: freeradius-1.1.3-2.fc6
2007-05-14 17:06:05
debiancve
debiancve
CVE-2007-2028
2007-04-13 18:19:00
nvd
nvd
CVE-2007-2028
2007-04-13 18:19:00
prion
prion
Design/Logic Flaw
2007-04-13 18:19:00
centos
centos
freeradius security update
2007-05-10 16:23:13
gentoo
gentoo
FreeRADIUS: Denial of service
2007-04-17 00:00:00
freebsd
freebsd
freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability
2007-04-10 00:00:00