FreeBSD : freeradius -- authentication bypass vulnerability (1a216dfd-f710-11da-9156-000e0c2e438a)

high Nessus Plugin ID 21678

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The freeradius development team reports :

A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 (where the module first appeared) to 1.1.0. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassing could also result in the server crashing

Solution

Update the affected package.

See Also

http://www.nessus.org/u?66e2baca

Plugin Details

Severity: High

ID: 21678

File Name: freebsd_pkg_1a216dfdf71011da9156000e0c2e438a.nasl

Version: 1.22

Type: local

Published: 6/11/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freeradius, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 6/8/2006

Vulnerability Publication Date: 6/3/2006

Reference Information

CVE: CVE-2006-1354

BID: 17171