CVE-2011-2701

Related Files

Gentoo Linux Security Advisory 201311-09

Posted Nov 13, 2013

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-9 - Multiple vulnerabilities have been found in FreeRADIUS, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 2.2.0 are affected.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2010-3696, CVE-2010-3697, CVE-2011-2701, CVE-2012-3547

SHA-256 | 57bcce463337b741d7d21b72cef8fb2112833dc0e82e9e2ffac188cc8c2cd7ed

Download | Favorite | View

Mandriva Linux Security Advisory 2012-047

Posted Apr 2, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-047 - The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate. The updated packages have been patched to correct this issue.

tags | advisory, remote, protocol

systems | linux, mandriva

advisories | CVE-2011-2701

SHA-256 | 993d182b26662e6aa300645b83f0d7ecd09a0a5eab170d2d1d2c3096abf64879

Download | Favorite | View

FreeRADIUS OCSP Responder Reply Parsing

Posted Jul 25, 2011

Authored by DFN-CERT | Site dfn-cert.de

During a test of the OCSP support in FreeRADIUS, a security vulnerability has been found in the way the FreeRADIUS code parses the replies from an OCSP responder. This allows a remote attacker to use a revoked certificate from an otherwise trusted certification authority (CA) to successfully authenticate against the FreeRADIUS server if it is configured to use EAP-TLS with OCSP certificate validation.

tags | advisory, remote

advisories | CVE-2011-2701

SHA-256 | 5b65d36c4e76607a595656693bfddbeb502cec23fc2d22af359d05dff8140b17

Download | Favorite | View