FreeBSD : freeradius -- remote packet of death vulnerability (1b3f854b-e4bd-11de-b276-000d8787e1be)
Medium Nessus Plugin ID 43161
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionfreeRADIUS Vulnerability Notifications reports :
2009.09.09 v1.1.7 - Anyone who can send packets to the server can crash it by sending a Tunnel-Password attribute in an Access-Request packet. This vulnerability is not otherwise exploitable. We have released 1.1.8 to correct this vulnerability.
This issue is similar to the previous Tunnel-Password issue noted below. The vulnerable versions are 1.1.3 through 1.1.7. Version 2.x is not affected.
SolutionUpdate the affected package.