Candidate: CVE-2015-8764
PublicDate: 2017-03-27 17:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8764
 http://freeradius.org/security.html#eap-pwd-2015
Description:
 Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8,
 which triggers a buffer overflow.
Ubuntu-Description:
Notes:
 sbeattie> according to upstream, EAP-PWD not enabled by default
 mdeslaur> 3.0+ only
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H [8.1 HIGH]

Patches_freeradius:
upstream_freeradius: needs-triage
precise_freeradius: not-affected
trusty_freeradius: not-affected
trusty/esm_freeradius: DNE (trusty was not-affected)
vivid_freeradius: not-affected
wily_freeradius: not-affected
devel_freeradius: not-affected