SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:2202-1)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

This update for freeradius-server fixes the following issues :

- update to 3.0.15 (bsc#1049086)

- Bind the lifetime of program name and python path to the
module

- CVE-2017-10978: FR-GV-201: Check input / output length
in make_secret() (bsc#1049086)

- CVE-2017-10983: FR-GV-206: Fix read overflow when
decoding DHCP option 63 (bsc#1049086)

- CVE-2017-10984: FR-GV-301: Fix write overflow in
data2vp_wimax() (bsc#1049086)

- CVE-2017-10985: FR-GV-302: Fix infinite loop and memory
exhaustion with 'concat' attributes (bsc#1049086)

- CVE-2017-10986: FR-GV-303: Fix infinite read in
dhcp_attr2vp() (bsc#1049086)

- CVE-2017-10987: FR-GV-304: Fix buffer over-read in
fr_dhcp_decode_suboptions() (bsc#1049086)

- CVE-2017-10988: FR-GV-305: Decode 'signed' attributes
correctly. (bsc#1049086)

- FR-AD-001: use strncmp() instead of memcmp() for bounded
data

- Print messages when we see deprecated configuration
items

- Show reasons why we couldn't parse a certificate expiry
time

- Be more accepting about truncated ASN1 times.

- Fix OpenSSL API issue which could leak small amounts of
memory.

- For Access-Reject, call rad_authlog() after running the
post-auth section, just like for Access-Accept.

- Don't crash when reading corrupted data from session
resumption cache.

- Parse port in dhcpclient.

- Don't leak memory for OpenSSL.

- Portability fixes taken from OpenBSD port collection.

- run rad_authlog after post-auth for Access-Reject.

- Don't process VMPS packets twice.

- Fix attribute truncation in rlm_perl

- Fix bug when processing huntgroups.

- FR-AD-002 - Bind the lifetime of program name and python
path to the module

- FR-AD-003 - Pass correct statement length into
sqlite3_prepare[_v2]

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/1049086
https://www.suse.com/security/cve/CVE-2017-10978.html
https://www.suse.com/security/cve/CVE-2017-10983.html
https://www.suse.com/security/cve/CVE-2017-10984.html
https://www.suse.com/security/cve/CVE-2017-10985.html
https://www.suse.com/security/cve/CVE-2017-10986.html
https://www.suse.com/security/cve/CVE-2017-10987.html
https://www.suse.com/security/cve/CVE-2017-10988.html
http://www.nessus.org/u?78e084ca

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2017-1341=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2017-1341=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SuSE Local Security Checks

Nessus Plugin ID: 102579 ()

Bugtraq ID:

CVE ID: CVE-2017-10978
CVE-2017-10983
CVE-2017-10984
CVE-2017-10985
CVE-2017-10986
CVE-2017-10987
CVE-2017-10988

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now