CVE-2012-3547
Published: 18 September 2012
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
Notes
Author | Note |
---|---|
sbeattie | possibly mitigated by -fstack-protector upstream report claims 2.1.10-2.1.12 are only affected |
Priority
Status
Package | Release | Status |
---|---|---|
freeradius Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Not vulnerable
(code not present)
|
|
natty |
Released
(2.1.10+dfsg-2ubuntu2.1)
|
|
oneiric |
Released
(2.1.10+dfsg-3ubuntu0.11.10.1)
|
|
precise |
Released
(2.1.10+dfsg-3ubuntu0.12.04.1)
|
|
upstream |
Released
(2.2.0)
|
|
Patches: upstream: https://github.com/alandekok/freeradius-server/commit/78e5aed56c36a9231bc91ea5f55b3edf88a9d2a4 |
||
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. |