This script is Copyright (C) 2006-2010 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SUSE-SA:2006:019 (freeradius).
Insufficient input validation was being done in the EAP-MSCHAPv2
state machine of the FreeRADIUS authentication server.
A malicious attacker could manipulate their EAP-MSCHAPv2 client state
machine to potentially convince the server to bypass authentication
checks. This bypassing could also result in the server crashing.
This is tracked by the Mitre CVE ID CVE-2006-1354.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now