CVE-2009-3111

Publication date 9 September 2009

Last updated 24 July 2024

Ubuntu priority

The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
freeradius	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.10 intrepid	Not affected
	8.04 LTS hardy	Fixed 1.1.7-1ubuntu0.2
	6.06 LTS dapper	Ignored

Notes

kees

oss-security: "Version 2.X is not affected by this issue."

mdeslaur

PoC for CVE-2003-0967: http://marc.info/?l=bugtraq&m=106944220426970

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
freeradius	Upstream: 860cad9

References

Related Ubuntu Security Notices (USN)

USN-832-1
FreeRADIUS vulnerability
16 September 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-3111