FreeRADIUS: Denial of Service — GLSA 200704-14

A memory leak has been discovered in FreeRADIUS, possibly allowing for a Denial of Service.

Affected Packages

net-dialup/freeradius on all architectures
Affected versions < 1.1.6
Unaffected versions >= 1.1.6

Background

FreeRADIUS is an open source RADIUS authentication server implementation.

Description

The Coverity Scan project has discovered a memory leak within the handling of certain malformed Diameter format values inside an EAP-TTLS tunnel.

Impact

A remote attacker could send a large amount of specially crafted packets to a FreeRADIUS server using EAP-TTLS authentication and exhaust all memory, possibly resulting in a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All FreeRADIUS users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-dialup/freeradius-1.1.6"

References

Release Date
April 17, 2007

Latest Revision
April 17, 2007: 01

Severity
normal

Exploitable
remote

Bugzilla entries