FreeRADIUS Exploit Fixed for Three Ubuntu OSes

A simple system update should correct any problems

By on September 28th, 2012 12:45 GMT

In a security notice, Canonical published details about a FreeRADIUS vulnerability for its Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 11.04 operating systems.

According to Canonical, FreeRADIUS could be made to crash or run programs if it received specially crafted network traffic.

According to Timo Warns, FreeRADIUS incorrectly handled certain long timestamps in client certificates and a remote attacker could have exploited this flaw and cause the FreeRADIUS server to crash.

The security flaws can be fixed if you upgrade your system(s) to the latest Freeradius. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes, but FreeRADIUS will have to be restarted in order for the changes to be implemented.

Comments