Jump to content

Advisories (MDKSA-2006:060 ): freeradius


Recommended Posts

Mandriva Advisories MDKSA-2006:060 : freeradius


Updated FreeRADIUS packages fix EAP-MSCHAPv2 module vulnerability

March 23rd, 2006


An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. Updated packages have been patched to correct this issue.



The released versions of Mandriva GNU/Linux affected are:

  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:



Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)

Link to comment
Share on other sites


  • Create New...