This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
freeRADIUS Vulnerability Notifications reports :
2009.09.09 v1.1.7 - Anyone who can send packets to the server can
crash it by sending a Tunnel-Password attribute in an Access-Request
packet. This vulnerability is not otherwise exploitable. We have
released 1.1.8 to correct this vulnerability.
This issue is similar to the previous Tunnel-Password issue noted
below. The vulnerable versions are 1.1.3 through 1.1.7. Version 2.x is
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.0
Public Exploit Available : true