Mandrake Linux Security Advisory : freeradius (MDKSA-2006:060)
High Nessus Plugin ID 21149
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionAn unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via 'Insufficient input validation' in the EAP-MSCHAPv2 state machine module.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.