Vigil@nce - FreeRADIUS: four vulnerabilities of EAP-PWD
July 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can exploit several vulnerabilities in the EAP-PWD
module of FreeRADIUS.
Impacted products: FreeRADIUS
Severity: 2/4
Creation date: 04/05/2015
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in the EAP-PWD module of
FreeRADIUS.
An attacker can force a NULL pointer to be dereferenced, in order
to trigger a denial of service. [severity:2/4]
An attacker can force a read at an invalid address with a Commit
Message, in order to trigger a denial of service. [severity:2/4]
An attacker can force a read at an invalid address with a Confirm
Message, in order to trigger a denial of service. [severity:2/4]
An attacker can trigger a one-byte buffer overflow, in order to
cause a denial of service, and possibly to execute code.
[severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/FreeRADIUS-four-vulnerabilities-of-EAP-PWD-16809