SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Security)  >   FreeRADIUS
Vendors:   FreeRADIUS Server Project
(Oracle Issues Fix for Oracle Linux) FreeRADIUS Resumed TLS Session Cache Flaw Lets Remote Users Bypass Authentication on the Target System
SecurityTracker Alert ID:  1038799
SecurityTracker URL:  http://securitytracker.com/id/1038799
CVE Reference:   CVE-2017-9148
Date:  Jun 28 2017
Impact:   Host/resource access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 3.0.14
Description:   A vulnerability was reported in FreeRADIUS. A remote user can bypass authentication.

A remote user (supplicant) without authentication credentials can exploit a flaw in the processing of resumed TLS sessions to bypass authentication and cause the target server to issue an Extensible Authentication Protocol (EAP) Success message.

Stefan Winter of the RESTENA Foundation and Luboš Pavlíček of the University of Economics, Prague, separately reported this vulnerability.

Impact:   A remote user can bypass authentication and cause the target server to issue an EAP Success message.
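Two checks a defender can run against a FreeRADIUS 3.x host in light of this advisory, as an added example that is not code from SecurityTracker, Oracle or the FreeRADIUS project: the first reads the EAP module configuration and reports whether the TLS session cache (the feature the flaw abuses, and the one Oracle's changelog below disables) is switched on; the second tests a version string against the 3.0.14 threshold given above. The `cache { enable = ... }` layout of the stock `mods-available/eap` file is an assumption about a default install.

```shell
#!/bin/sh
# Added example, not code from the advisory or the FreeRADIUS project: two
# defender checks for CVE-2017-9148 on a FreeRADIUS 3.x host.
#   eap_session_cache_state FILE  - prints enabled/disabled/unknown for the
#     TLS session cache in the EAP module config (assumes the stock layout:
#     a "cache { enable = yes|no }" subsection inside the tls-config block).
#   freeradius_version_fixed VER  - succeeds when the upstream version is
#     3.0.14 or later, the first fixed release named in the advisory.
# Distribution backports such as Oracle's 3.0.4-8.el7_3 carry the fix without
# bumping the upstream version, so read the package changelog as well.

eap_session_cache_state() {
    awk '
        /^[[:space:]]*#/ { next }                          # skip comment lines
        /^[[:space:]]*cache[[:space:]]*[{]/ { in_cache = 1; next }
        in_cache && /^[[:space:]]*[}]/ { in_cache = 0 }
        in_cache && /^[[:space:]]*enable[[:space:]]*=/ {
            split($0, kv, "="); v = kv[2]
            sub(/^[[:space:]]+/, "", v)                    # trim leading space
            sub(/[[:space:]#].*$/, "", v)                  # drop trailing comment
            state = (tolower(v) == "yes") ? "enabled" : "disabled"
            print state; found = 1; exit
        }
        END { if (!found) print "unknown" }
    ' "$1"
}

freeradius_version_fixed() {
    ver=${1%%-*}                         # strip package release (e.g. -8.el7_3)
    set -- $(printf '%s\n' "$ver" | tr '.' ' ')
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    [ "$maj" -gt 3 ] && return 0
    [ "$maj" -lt 3 ] && return 1
    [ "$min" -gt 0 ] && return 0
    [ "$pat" -ge 14 ]
}

# Constructed sample in the stock mods-available/eap layout (not a real file);
# the commented-out cache line must be ignored by the parser.
sample_eap_config() {
    printf '%s\n' 'tls-config tls-common {' '    # cache { enable = no }' \
        '    cache {' '        enable = yes   # session resumption on' \
        '        lifetime = 24' '    }' '}'
}

tmp=$(mktemp); sample_eap_config > "$tmp"
echo "session cache: $(eap_session_cache_state "$tmp")"   # enabled
rm -f "$tmp"
for v in 3.0.4 3.0.4-8.el7_3 3.0.14 3.1.0; do
    if freeradius_version_fixed "$v"; then echo "$v: fixed upstream"
    else echo "$v: pre-3.0.14, verify vendor backport"; fi
done
```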
Solution:   Oracle has issued a fix.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2017-1581.html

Vendor URL:  linux.oracle.com/errata/ELSA-2017-1581.html
Cause:   Authentication error
Underlying OS:  Linux (Oracle)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
May 29 2017 FreeRADIUS Resumed TLS Session Cache Flaw Lets Remote Users Bypass Authentication on the Target System



Source Message Contents

Subject:  [El-errata] ELSA-2017-1581 Important: Oracle Linux 7 freeradius security update

Oracle Linux Security Advisory ELSA-2017-1581

http://linux.oracle.com/errata/ELSA-2017-1581.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
freeradius-3.0.4-8.el7_3.x86_64.rpm
freeradius-devel-3.0.4-8.el7_3.i686.rpm
freeradius-devel-3.0.4-8.el7_3.x86_64.rpm
freeradius-doc-3.0.4-8.el7_3.x86_64.rpm
freeradius-krb5-3.0.4-8.el7_3.x86_64.rpm
freeradius-ldap-3.0.4-8.el7_3.x86_64.rpm
freeradius-mysql-3.0.4-8.el7_3.x86_64.rpm
freeradius-perl-3.0.4-8.el7_3.x86_64.rpm
freeradius-postgresql-3.0.4-8.el7_3.x86_64.rpm
freeradius-python-3.0.4-8.el7_3.x86_64.rpm
freeradius-sqlite-3.0.4-8.el7_3.x86_64.rpm
freeradius-unixODBC-3.0.4-8.el7_3.x86_64.rpm
freeradius-utils-3.0.4-8.el7_3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/freeradius-3.0.4-8.el7_3.src.rpm



Description of changes:

[3.0.4-8]
- Disable internal OpenSSL cache and fix session cache file permissions.
   Resolves: Bug#1459131 CVE-2017-9148 freeradius: TLS resumption authentication bypass


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
Copyright 2019, SecurityGlobal.net LLC