Oval Definition:	oval:org.mitre.oval:def:23865
Revision Date: 2014-05-26 Version: 15 Title: ELSA-2012:1326: freeradius security update (Moderate) Description: Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-3547 ELSA-2012:1326-01 Platform(s): Oracle Linux 6 Product(s): freeradius Definition Synopsis Oracle Linux 6.x AND rpm test freeradius-mysql is earlier than 0:2.1.12-4.el6_3 OR freeradius-perl is earlier than 0:2.1.12-4.el6_3 OR freeradius-unixODBC is earlier than 0:2.1.12-4.el6_3 OR freeradius-krb5 is earlier than 0:2.1.12-4.el6_3 OR freeradius-python is earlier than 0:2.1.12-4.el6_3 OR freeradius-utils is earlier than 0:2.1.12-4.el6_3 OR freeradius-ldap is earlier than 0:2.1.12-4.el6_3 OR freeradius-postgresql is earlier than 0:2.1.12-4.el6_3 OR freeradius is earlier than 0:2.1.12-4.el6_3
BACK