Mandriva Linux Security Advisory : freeradius (MDVSA-2009:227-1)
Medium Nessus Plugin ID 43851
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in freeradius :
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes. NOTE: this is a regression error related to CVE-2003-0967 (CVE-2009-3111).
This update provides a solution to this vulnerability.
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
SolutionUpdate the affected packages.