This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated freeradius packages that fix a number of denial of service
vulnerabilities as well as minor bugs are now available for Red Hat
Enterprise Linux 3.
FreeRADIUS is a high-performance and highly configurable free RADIUS
server designed to allow centralized authentication and authorization
for a network.
A number of flaws were found in FreeRADIUS versions prior to 1.0.1. An
attacker who is able to send packets to the server could construct
carefully constructed packets in such a way as to cause the server to
consume memory or crash. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CVE-2004-0938,
CVE-2004-0960, and CVE-2004-0961 to these issues.
Users of FreeRADIUS should update to these erratum packages that
contain FreeRADIUS 1.0.1, which is not vulnerable to these issues and
also corrects a number of bugs.
See also :
Update the affected freeradius package.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Red Hat Local Security Checks
Nessus Plugin ID: 15701 ()
CVE ID: CVE-2004-0938CVE-2004-0960CVE-2004-0961
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.