CVE-2006-1354: EAP-MSCHAPv2 vulnerability
Bug #164000 reported by William Grant
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
freeradius (Debian) | Fix Released | Unknown | |
freeradius (Fedora) | Fix Released | High | |
freeradius (Ubuntu) | Fix Released | Undecided | Unassigned |
Dapper | Fix Released | Undecided | William Grant |
Bug Description
Binary package hint: freeradius
A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 (where the module first appeared) to 1.1.0. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassing could also result in the server crashing. We recommend that administrators upgrade immediately.
Only Dapper is unfixed, and I'll roll this in with the fix for bug #106006.
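The advisory text in the bug description gives the bug only in outline: the server's EAP-MSCHAPv2 state machine accepted packets without checking that they were the ones the exchange was actually expecting. The following is an added example written for this page, not FreeRADIUS code: a small model of the server side of the EAP-MSCHAPv2 exchange in which a weak handler dispatches on the packet opcode alone, while a hardened handler first checks that the opcode is one its current state permits. The opcode values are the draft EAP-MSCHAPv2 ones (Challenge=1, Response=2, Success=3, Failure=4); `compute_response` is a constructed HMAC-SHA256 stand-in and not MS-CHAPv2's real NT-Response, and the class and function names are this example's own.

```python
import hashlib
import hmac
import os
from enum import Enum

# EAP-MSCHAPv2 opcodes (draft-kamath-pppext-eap-mschapv2).
OP_CHALLENGE = 1   # server -> client
OP_RESPONSE = 2    # client -> server, carries the NT-Response
OP_SUCCESS = 3     # server -> client (authenticator response), then client -> server (ack)
OP_FAILURE = 4


class State(Enum):
    SENT_CHALLENGE = "sent Challenge, waiting for Response"
    SENT_SUCCESS = "verified Response, waiting for client's Success ack"
    AUTHENTICATED = "client acked, EAP-Success issued"
    FAILED = "exchange failed"


def compute_response(password: str, challenge: bytes) -> bytes:
    """Constructed stand-in for the NT-Response (real MS-CHAPv2 uses MD4 and DES)."""
    return hmac.new(password.encode(), challenge, hashlib.sha256).digest()


class WeakServer:
    """Dispatches on the opcode alone and never asks whether that opcode is
    legal in the current state: a Success packet is taken as the client's
    ack even though no Response was ever verified."""

    def __init__(self, password: str) -> None:
        self.password = password
        self.challenge = os.urandom(16)          # carried in the Challenge packet
        self.state = State.SENT_CHALLENGE

    def handle(self, opcode: int, payload: bytes = b"") -> str:
        if opcode == OP_RESPONSE:
            expected = compute_response(self.password, self.challenge)
            if hmac.compare_digest(payload, expected):
                self.state = State.SENT_SUCCESS
                return "MSCHAPv2-Success"        # server's Success packet
            self.state = State.FAILED
            return "MSCHAPv2-Failure"
        if opcode == OP_SUCCESS:                 # assumed to be the client's ack
            self.state = State.AUTHENTICATED
            return "EAP-Success"
        self.state = State.FAILED
        return "EAP-Failure"


class HardenedServer(WeakServer):
    """Same handler, but the opcode must be one the current state expects."""

    EXPECTED = {
        State.SENT_CHALLENGE: {OP_RESPONSE},
        State.SENT_SUCCESS: {OP_SUCCESS, OP_FAILURE},
        # AUTHENTICATED and FAILED are terminal: nothing further is accepted.
    }

    def handle(self, opcode: int, payload: bytes = b"") -> str:
        if opcode not in self.EXPECTED.get(self.state, set()):
            self.state = State.FAILED
            return "EAP-Failure"
        return super().handle(opcode, payload)


def skip_to_success(server_cls, password: str = "right-password") -> bool:
    """Client never answers the Challenge; it sends a Success packet straight away."""
    server = server_cls(password)
    server.handle(OP_SUCCESS)
    return server.state is State.AUTHENTICATED


def honest_login(server_cls, server_password: str, client_password: str) -> bool:
    """Normal exchange: Response, then the client's ack of the server's Success."""
    server = server_cls(server_password)
    response = compute_response(client_password, server.challenge)
    if server.handle(OP_RESPONSE, response) == "MSCHAPv2-Success":
        server.handle(OP_SUCCESS)
    return server.state is State.AUTHENTICATED


if __name__ == "__main__":
    print("weak server, Challenge skipped:    ", skip_to_success(WeakServer))
    print("hardened server, Challenge skipped:", skip_to_success(HardenedServer))
    print("hardened server, right password:   ", honest_login(HardenedServer, "pw", "pw"))
    print("hardened server, wrong password:   ", honest_login(HardenedServer, "pw", "nope"))
```

The weak and hardened servers share the same per-opcode logic; the only difference is the one table lookup in `HardenedServer.handle`, which is the kind of check the advisory describes as missing. Note that the hardened server also refuses anything after a terminal state, so a client cannot retry a Response after a failure inside the same EAP session.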
CVE References
Changed in freeradius:
  status: New → Fix Released
  assignee: nobody → fujitsu
  status: New → Triaged
Changed in freeradius:
  status: Triaged → In Progress
Changed in freeradius:
  status: Unknown → Fix Released
Changed in freeradius:
  status: In Progress → Fix Committed
Changed in freeradius:
  status: Fix Committed → Fix Released
Changed in freeradius:
  status: Unknown → Fix Released
Changed in freeradius (Fedora):
  importance: Unknown → High
FreeRADIUS authentication bypass
A bug in the EAP-MSCHAPv2 module could allow an attacker to improperly authenticate as an arbitrary user.
http://www.freeradius.org/security.html
This issue also affects RHEL3