openSUSE Security Update : freeradius-server (openSUSE-2017-972)

critical Nessus Plugin ID 102810

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for freeradius-server fixes the following issues :

- update to 3.0.15 (bsc#1049086)

- Bind the lifetime of program name and python path to the module

- CVE-2017-10978: FR-GV-201: Check input / output length in make_secret() (bsc#1049086)

- CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DHCP option 63 (bsc#1049086)

- CVE-2017-10984: FR-GV-301: Fix write overflow in data2vp_wimax() (bsc#1049086)

- CVE-2017-10985: FR-GV-302: Fix infinite loop and memory exhaustion with 'concat' attributes (bsc#1049086)

- CVE-2017-10986: FR-GV-303: Fix infinite read in dhcp_attr2vp() (bsc#1049086)

- CVE-2017-10987: FR-GV-304: Fix buffer over-read in fr_dhcp_decode_suboptions() (bsc#1049086)

- CVE-2017-10988: FR-GV-305: Decode 'signed' attributes correctly. (bsc#1049086)

- FR-AD-001: use strncmp() instead of memcmp() for bounded data

- Print messages when we see deprecated configuration items

- Show reasons why we couldn't parse a certificate expiry time

- Be more accepting about truncated ASN1 times.

- Fix OpenSSL API issue which could leak small amounts of memory.

- For Access-Reject, call rad_authlog() after running the post-auth section, just like for Access-Accept.

- Don't crash when reading corrupted data from session resumption cache.

- Parse port in dhcpclient.

- Don't leak memory for OpenSSL.

- Portability fixes taken from OpenBSD port collection.

- run rad_authlog after post-auth for Access-Reject.

- Don't process VMPS packets twice.

- Fix attribute truncation in rlm_perl

- Fix bug when processing huntgroups.

- FR-AD-002 - Bind the lifetime of program name and python path to the module

- FR-AD-003 - Pass correct statement length into sqlite3_prepare[_v2]

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Solution

Update the affected freeradius-server packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1049086

Plugin Details

Severity: Critical

ID: 102810

File Name: openSUSE-2017-972.nasl

Version: 3.4

Type: local

Agent: unix

Published: 8/29/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:freeradius-server, p-cpe:/a:novell:opensuse:freeradius-server-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-debugsource, p-cpe:/a:novell:opensuse:freeradius-server-devel, p-cpe:/a:novell:opensuse:freeradius-server-krb5, p-cpe:/a:novell:opensuse:freeradius-server-krb5-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-ldap, p-cpe:/a:novell:opensuse:freeradius-server-ldap-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-libs, p-cpe:/a:novell:opensuse:freeradius-server-libs-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-mysql, p-cpe:/a:novell:opensuse:freeradius-server-mysql-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-perl, p-cpe:/a:novell:opensuse:freeradius-server-perl-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-postgresql, p-cpe:/a:novell:opensuse:freeradius-server-postgresql-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-python, p-cpe:/a:novell:opensuse:freeradius-server-python-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-sqlite, p-cpe:/a:novell:opensuse:freeradius-server-sqlite-debuginfo, p-cpe:/a:novell:opensuse:freeradius-server-utils, p-cpe:/a:novell:opensuse:freeradius-server-utils-debuginfo, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/28/2017

Reference Information

CVE: CVE-2017-10978, CVE-2017-10983, CVE-2017-10984, CVE-2017-10985, CVE-2017-10986, CVE-2017-10987, CVE-2017-10988