Debian "radiusd-cistron" NAS-Port Buffer Overflow - Secunia Advisories - Vulnerability Intelligence

Debian "radiusd-cistron" NAS-Port Buffer Overflow
Secunia Advisory:	SA9030	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-06-16
Last Update:	2003-06-30
Popularity:	7,960 views

Critical:	Less critical
Impact:	DoS System access
Where:	From local network
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.0 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2003-0450

Description: Debian has reported a vulnerability in radiusd-cistron, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system or potentially compromise it. The vulnerbaility is caused due to a boundary error, which can be exploited to cause a buffer overflow by sending a long, specially crafted NAS-Port attribute. Successful exploitation will crash the service or may allow execution of arbitrary code with the privileges of the RADIUS daemon (typically "root"), if the malicious person either knows a valid RADIUS key or is able to guess one. Solution: Updated packages: -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updat...ron/radiusd-cistron_1.6.6-1woody1.dsc Size/MD5 checksum: 611 b6a3c69ca08b1f6984147e64f7ddcaab http://security.debian.org/pool/updat...radiusd-cistron_1.6.6-1woody1.diff.gz Size/MD5 checksum: 4221 ad563e14d3f3da713973cd23e97dcef5 http://security.debian.org/pool/updat...ron/radiusd-cistron_1.6.6.orig.tar.gz Size/MD5 checksum: 194154 16084870890fd2ec577dbe183b51a379 Alpha architecture: http://security.debian.org/pool/updat...diusd-cistron_1.6.6-1woody1_alpha.deb Size/MD5 checksum: 262652 b541753d08f0d124a9f48133eeac381e ARM architecture: http://security.debian.org/pool/updat...radiusd-cistron_1.6.6-1woody1_arm.deb Size/MD5 checksum: 235578 6277971c73bf52c22b5623f9131a8d9f Intel IA-32 architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_i386.deb Size/MD5 checksum: 231960 9ca72ec922c0fd80e22d05a06176b265 Intel IA-64 architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_ia64.deb Size/MD5 checksum: 365566 ea7299686e6629039ecdf81abdebd5ee HP Precision architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_hppa.deb Size/MD5 checksum: 235502 886c9f6006c80dcf3c4c5305c76411b7 Motorola 680x0 architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_m68k.deb Size/MD5 checksum: 225678 39c53545d15bb167550fd462a139fc35 Big endian MIPS architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_mips.deb Size/MD5 checksum: 246130 3d98988fb2128bc26735c1c5b7a41cde Little endian MIPS architecture: http://security.debian.org/pool/updat...iusd-cistron_1.6.6-1woody1_mipsel.deb Size/MD5 checksum: 245672 88e63e2d94973aa7e65176b81184ed80 PowerPC architecture: http://security.debian.org/pool/updat...usd-cistron_1.6.6-1woody1_powerpc.deb Size/MD5 checksum: 229238 eb1d0a109bb66e3d39c902f561779afc IBM S/390 architecture: http://security.debian.org/pool/updat...adiusd-cistron_1.6.6-1woody1_s390.deb Size/MD5 checksum: 238530 396c1a07cc893b3d77a1ecfcbc0ee57a Sun Sparc architecture: http://security.debian.org/pool/updat...diusd-cistron_1.6.6-1woody1_sparc.deb Size/MD5 checksum: 248882 0e39dd1a1310e1afedc4d39e2b8d2794 -- Debian GNU/Linux unstable alias sid -- According to Debian, the vulnerability will be fixed soon. Provided and/or discovered by: David Luyer Original Advisory: http://www.debian.org/security/2003/dsa-321 Other References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196063

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

2nd Dec, 2008

New advisories:	14
New vulnerabilities:	21
Updated advisories:	26

Less // 387 views

Linksys WRT160N Cross-Site Scripting Vulnerability

Less // 368 views

IBM Rational ClearQuest Multiple Vulnerabilities

Not // 292 views

Debian update for flamethrower

Not // 282 views

flamethrower Insecure Temporary Files

Less // 340 views

IBM Rational ClearCase Cross-Site Scripting Vulnerability

Not // 327 views

DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability

Not // 322 views

Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities

Moderately // 311 views

Rumpus Multiple Vulnerabilities

Less // 326 views

bcoos "cid" SQL Injection Vulnerability

Moderately // 341 views

ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.