Candidate: CVE-2012-4566
PublicDate: 2012-11-20 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4566
 http://www.openwall.com/lists/oss-security/2012/10/31/6
Description:
 The DTLS support in radsecproxy before 1.6.2 does not properly verify
 certificates when there are configuration blocks with CA settings that are
 unrelated to the block being used for verifying the certificate chain,
 which might allow remote attackers to bypass intended access restrictions
 and spoof clients, a different vulnerability than CVE-2012-4523.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Raphael Geissert
Assigned-to:
CVSS: 

Patches_radsecproxy:
 upstream: http://git.nordu.net/?p=radsecproxy.git;a=commit;h=3682c935facf5ccd7fa600644bbb76957155c680
upstream_radsecproxy: released (1.6.2-1)
hardy_radsecproxy: DNE
lucid_radsecproxy: ignored (reached end-of-life)
oneiric_radsecproxy: ignored (reached end-of-life)
precise_radsecproxy: ignored (reached end-of-life)
precise/esm_radsecproxy: DNE (precise was needed)
quantal_radsecproxy: ignored (reached end-of-life)
raring_radsecproxy: not-affected (1.6.2-1)
saucy_radsecproxy: not-affected (1.6.2-1)
trusty_radsecproxy: not-affected (1.6.2-1)
trusty/esm_radsecproxy: DNE (trusty was not-affected [1.6.2-1])
utopic_radsecproxy: not-affected (1.6.2-1)
vivid_radsecproxy: not-affected (1.6.2-1)
vivid/stable-phone-overlay_radsecproxy: DNE
vivid/ubuntu-core_radsecproxy: DNE
wily_radsecproxy: not-affected (1.6.2-1)
xenial_radsecproxy: not-affected (1.6.2-1)
yakkety_radsecproxy: not-affected (1.6.2-1)
zesty_radsecproxy: not-affected (1.6.2-1)
devel_radsecproxy: not-affected (1.6.2-1)