Mandriva Linux Security Advisory : php-radius (MDVSA-2013:192)
High Nessus Plugin ID 67137
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA security vulnerability was discovered and fixed in php-radius.
Fix a security issue in radius_get_vendor_attr() by enforcing checks of the VSA length field against the buffer size (CVE-2013-2220).
The updated packages have been upgraded to the 1.2.7 version which is not affected by this issue.
SolutionUpdate the affected php-radius package.