CVE-2006-1354 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1354
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1354

Description: Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25352 TRUSTIX http://www.trustix.org/errata/2006/0020 SUSE http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html ST 1015795 SGI SAID Secunia Advisory: SA20461 Secunia Advisory: SA19811 Secunia Advisory: SA19527 Secunia Advisory: SA19405 Secunia Advisory: SA19518 Secunia Advisory: SA19300 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0271.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:060 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml DEBIAN http://www.debian.org/security/2006/dsa-1089 CONFIRM http://www.freeradius.org/security.html BID 17171

Return to the previous page.