[Bug-gnu-radius] FW: iDEFENSE Security Advisory

bug-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Deni

From:	vendor-disclosure
Subject:	[Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Denial of Service Vulnerability
Date:	Mon, 2 Feb 2004 18:44:16 -0500

We were unable to contact Sergey Poznyakoff directly with this issue and
we are therefore posting it to the address@hidden mailing list.
The vulnerability detailed in the attached advisory appears to have been
fixed in the latest version of GNU Radius, version 1.2. As a result, we
are planning to issue a public advisory on Wednesday February 4th. If
anyone objects - please contact me asap.

Michael

Michael Sutton, CA, CISA
Director, iDEFENSE Labs
iDEFENSE
1875 Campus Commons Drive, Suite 210
Reston, VA 20191
703-390-1230
msutton[at]idefense.com
www.idefense.com

-----Original Message-----
From: Michael Sutton 
Sent: Thursday, January 29, 2004 7:45 PM
To: 'address@hidden'
Subject: iDEFENSE Security Advisory - GNU Radius Remote Denial of
Service Vulnerability


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sergey:

iDEFENSE has identified a Remote Denial of Service vulnerability in GNU
Radius Server. This vulnerability was submitted to iDEFENSE through our
Vulnerability Contributor Program
(http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE Labs has validated
this vulnerability and has drafted the attached advisory. In accordance
with our vendor disclosure policy
(http://www.idefense.com/legal_disclosure.jsp) we would request that you
acknowledge receipt of this initial notification within five business
days. If you would prefer, we can post the advisory to
address@hidden, but chose not to initially as it appears to be a
public list. We believe that this vulnerability has already been
addressed in v1.2 of GNU Radius Server. Please let us know if you concur
so that we can prepare a public disclosure for this issue.

Regards,
Michael Sutton

Michael Sutton, CA, CISA
Director, iDEFENSE Labs
iDEFENSE
1875 Campus Commons Drive, Suite 210
Reston, VA 20191
direct: 703.480.5628
voice: 703.390.1230
fax: 703.390.9456
address@hidden
www.idefense.com

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQBmo+F8ufGaIwaKhEQLBSwCg1XOgDZT2FwzKRfbiwLe8esnHpeIAoOIF
dplmqg5hQx/FmyD/PLlb2bOM
=vVn2
-----END PGP SIGNATURE-----

GNU Radius Remote Denial of Service Vulnerability.txt
Description: GNU Radius Remote Denial of Service Vulnerability.txt

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Denial of Service Vulnerability, vendor-disclosure <=
- Re: [Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Denial of Service Vulnerability, Sergey Poznyakoff, 2004/02/02

Prev by Date: [Bug-gnu-radius] Cursos em vídeo e áudio mark eting http://www.mercadinhovirtual.h2c.net
Next by Date: Re: [Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Denial of Service Vulnerability
Previous by thread: [Bug-gnu-radius] Cursos em vídeo e áudio mark eting http://www.mercadinhovirtual.h2c.net
Next by thread: Re: [Bug-gnu-radius] FW: iDEFENSE Security Advisory - GNU Radius Remote Denial of Service Vulnerability
Index(es):
- Date
- Thread