Vulnerability Name:

CVE-2017-10979 (CCN-128720)

Assigned:2017-06-18
Published:2017-06-18
Updated:2018-01-05
Summary:An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): High
8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type:CWE-787
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2017-10979

Source: CCN
Type: FreeRADIUS Web site
Issues found via fuzzing by Guido Vranken

Source: CONFIRM
Type: Patch, Vendor Advisory
http://freeradius.org/security/fuzzer-2017.html

Source: CCN
Type: SECTRACK ID: 1038914
FreeRADIUS Overflows and Memory Leaks Let Remote Users Deny Service and Execute Arbitrary Code

Source: DEBIAN
Type: UNKNOWN
DSA-3930

Source: BID
Type: UNKNOWN
99901

Source: CCN
Type: BID-99901
FreeRADIUS CVE-2017-10979 Out-Of-Bounds Write Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1038914

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1759

Source: XF
Type: UNKNOWN
freeradius-cve201710979-dos(128720)

Source: CCN
Type: Apple security document HT208102
About the security content of macOS Server 5.4

Vulnerable Configuration:Configuration 1:
  • cpe:/a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:freeradius:freeradius:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:macos_sierra:10.12.6:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:201710979
    V
    CVE-2017-10979
    2022-05-22
    oval:org.opensuse.security:def:33111
    P
    Security update for the Linux Kernel (Important) (in QA)
    2022-01-17
    oval:org.opensuse.security:def:30169
    P
    Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:33067
    P
    Security update for libqt4 (Important)
    2021-12-22
    oval:org.opensuse.security:def:35279
    P
    Security update for the Linux Kernel (Important)
    2021-12-02
    oval:org.opensuse.security:def:33749
    P
    Security update for webkit2gtk3 (Important)
    2021-12-01
    oval:org.opensuse.security:def:33044
    P
    Security update for postgresql, postgresql13, postgresql14 (Important)
    2021-11-20
    oval:org.opensuse.security:def:29439
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:29428
    P
    Security update for python-urllib3 (Moderate)
    2021-09-29
    oval:org.opensuse.security:def:29427
    P
    Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:30130
    P
    Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:33005
    P
    Security update for gtk-vnc (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:30232
    P
    Security update for MozillaFirefox (Important)
    2021-08-17
    oval:org.opensuse.security:def:31230
    P
    Security update for linuxptp (Important)
    2021-07-21
    oval:org.opensuse.security:def:32956
    P
    Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:33667
    P
    Security update for spice (Important)
    2021-06-08
    oval:org.opensuse.security:def:31186
    P
    Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:30081
    P
    Security update for qemu (Important)
    2021-06-02
    oval:org.opensuse.security:def:33909
    P
    Security update for xen (Important)
    2021-05-19
    oval:org.opensuse.security:def:34425
    P
    Security update for python36 (Moderate)
    2021-05-04
    oval:org.opensuse.security:def:34424
    P
    Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:30188
    P
    Security update for tomcat (Important)
    2021-04-29
    oval:org.opensuse.security:def:31165
    P
    Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:32899
    P
    Security update for xen (Important)
    2021-04-19
    oval:org.opensuse.security:def:28913
    P
    Security update for fwupdate (Important)
    2021-04-09
    oval:org.opensuse.security:def:33788
    P
    Security update for openssl-1_1 (Important)
    2021-03-25
    oval:org.opensuse.security:def:28962
    P
    Security update for nghttp2 (Important)
    2021-03-24
    oval:org.opensuse.security:def:32282
    P
    Security update for wavpack (Important)
    2021-03-24
    oval:org.opensuse.security:def:32281
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:30026
    P
    Security update for bind (Important)
    2021-02-18
    oval:org.opensuse.security:def:33763
    P
    Security update for wpa_supplicant (Important)
    2021-02-15
    oval:org.opensuse.security:def:34520
    P
    Security update for cups (Moderate)
    2021-02-02
    oval:org.opensuse.security:def:34436
    P
    Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:34656
    P
    Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:35235
    P
    Security update for openexr (Moderate)
    2020-12-23
    oval:org.opensuse.security:def:28859
    P
    Security update for postgresql12 (Important)
    2020-12-04
    oval:org.opensuse.security:def:35958
    P
    libneon27-0.29.6-6.7.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35917
    P
    hplip-3.11.10-0.6.7.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:34812
    P
    Security update for apache2-mod_perl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34755
    P
    Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:31126
    P
    Security update for kvm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28073
    P
    Security update for freeradius-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31077
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28038
    P
    Security update for cracklib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31021
    P
    Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:27400
    P
    finch on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30866
    P
    Security update for emacs (Important)
    2020-12-01
    oval:org.opensuse.security:def:27356
    P
    GraphicsMagick on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30779
    P
    Security update for bash (Important)
    2020-12-01
    oval:org.opensuse.security:def:27342
    P
    zoo on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30722
    P
    Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27303
    P
    systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30632
    P
    Security update for Xen
    2020-12-01
    oval:org.opensuse.security:def:27254
    P
    openvpn on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30500
    P
    Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:27201
    P
    libnetpbm10 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30426
    P
    Security update for xorg-x11-libs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27050
    P
    virt-utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30415
    P
    Security update for xorg-x11-libXdmcp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26966
    P
    libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29736
    P
    Security update for freeradius-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30414
    P
    Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26909
    P
    gpg2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29700
    P
    Security update for file-roller (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26828
    P
    system-config-printer on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29062
    P
    Security update for bsdtar (Important)
    2020-12-01
    oval:org.opensuse.security:def:26700
    P
    freetype2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32743
    P
    logrotate on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29018
    P
    Security update for lighttpd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26636
    P
    rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32656
    P
    enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29001
    P
    Security update for Linux kernel
    2020-12-01
    oval:org.opensuse.security:def:34959
    P
    Security update for freeradius-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26625
    P
    pam_ldap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32599
    P
    qt3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34919
    P
    Security update for evince (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26624
    P
    pam_krb5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32505
    P
    enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34281
    P
    Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32370
    P
    Recommended update for tboot (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34237
    P
    Security update for pixman (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32293
    P
    Security update for postgresql94 (Important)
    2020-12-01
    oval:org.opensuse.security:def:28707
    P
    Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34212
    P
    Security update for php5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:28623
    P
    Security update for zypper
    2020-12-01
    oval:org.opensuse.security:def:34173
    P
    Security update for openssl1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:30907
    P
    Security update for freeradius-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28566
    P
    Security update for Linux kernel
    2020-12-01
    oval:org.opensuse.security:def:34124
    P
    Security update for netpbm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30870
    P
    Security update for evolution-data-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28481
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34066
    P
    Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28350
    P
    Recommended update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28283
    P
    Security update for mysql (Important)
    2020-12-01
    oval:org.opensuse.security:def:33820
    P
    Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:28272
    P
    Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:28271
    P
    Security update for mono-core (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33531
    P
    Security update for Xerces-j2
    2020-12-01
    oval:org.opensuse.security:def:33449
    P
    Security update for glibc
    2020-12-01
    oval:org.opensuse.security:def:29873
    P
    Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:35208
    P
    Security update for libgcrypt
    2020-12-01
    oval:org.opensuse.security:def:33438
    P
    Security update for dnsmasq
    2020-12-01
    oval:org.opensuse.security:def:29787
    P
    Security update for graphviz (Low)
    2020-12-01
    oval:org.opensuse.security:def:35169
    P
    Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31906
    P
    Security update for freeradius-server (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33437
    P
    Security update for dhcp-client
    2020-12-01
    oval:org.opensuse.security:def:29730
    P
    Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35120
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31868
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29643
    P
    Security update for cups (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35061
    P
    Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:29511
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34902
    P
    Security update for dhcp (Moderate)
    2020-12-01
    oval:com.redhat.rhsa:def:20171759
    P
    RHSA-2017:1759: freeradius security update (Important)
    2017-07-18
    oval:com.ubuntu.xenial:def:2017109790000000
    V
    CVE-2017-10979 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-07-17
    oval:com.ubuntu.trusty:def:201710979000
    V
    CVE-2017-10979 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-07-17
    oval:com.ubuntu.xenial:def:201710979000
    V
    CVE-2017-10979 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-07-17
    freeradius freeradius 2.0.0
    freeradius freeradius 2.0.0 pre1
    freeradius freeradius 2.0.0 pre2
    freeradius freeradius 2.0.1
    freeradius freeradius 2.0.2
    freeradius freeradius 2.0.3
    freeradius freeradius 2.0.4
    freeradius freeradius 2.0.5
    freeradius freeradius 2.1.0
    freeradius freeradius 2.1.1
    freeradius freeradius 2.1.2
    freeradius freeradius 2.1.3
    freeradius freeradius 2.1.4
    freeradius freeradius 2.1.6
    freeradius freeradius 2.1.7
    freeradius freeradius 2.1.8
    freeradius freeradius 2.1.9
    freeradius freeradius 2.1.10
    freeradius freeradius 2.1.11
    freeradius freeradius 2.1.12
    freeradius freeradius 2.2.0
    freeradius freeradius 2.2.1
    freeradius freeradius 2.2.2
    freeradius freeradius 2.2.3
    freeradius freeradius 2.2.4
    freeradius freeradius 2.2.5
    freeradius freeradius 2.2.6
    freeradius freeradius 2.2.7
    freeradius freeradius 2.2.8
    freeradius freeradius 2.2.9
    freeradius freeradius 2.0
    freeradius freeradius 2.2.9
    freeradius freeradius 3.0.14
    apple macos sierra 10.12.6