Oval Definition:oval:org.mitre.oval:def:18256
Revision Date:2014-06-23Version:7
Title:DSA-2573-1 radsecproxy - SSL certificate verification weakness
Description:Ralf Paffrath reported that Radsecproxy, a RADIUS protocol proxy, mixed up pre- and post-handshake verification of clients. This vulnerability may wrongly accept clients without checking their certificate chain under certain configurations.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2012-4523
CVE-2012-4566
DSA-2573-1
Platform(s):Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 6.0
Product(s):radsecproxy
Definition Synopsis
  • Debian 6.0 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND radsecproxy DPKG is earlier than 1.4-1+squeeze1
    • BACK