Secure Computing Corporation Information for VU#589523
Multiple implementations of the RADIUS protocol contain a digest calculation buffer overflow
- Date Notified:
- Statement Date:
- Date Updated: 16 Apr 2002
Status
Affected
Vendor Statement
Secure Computing has provided updated RADIUS daemons for the following SafeWord systems running on Solaris: SafeWord v5.2, and SafeWord PremierAccess v3.0. The new updated daemon addresses the following vulnerabilities as reported in the CERT Advisory CA-2002-06:
VU#589523
Previously, the radiusd daemon contained a buffer overflow in the function that calculates the message digest, and the daemon would crash when a secret key of more than 108 characters was entered in the clients file. The new version will now display the following radius debug message when such a key exists:
"ERROR! Calc_digest: Bad secret key in clients file. Length is too long."
The daemon will remain running.
VU#936683
Previously, the radiusd daemon would crash on malformed RADIUS packets that included Vendor Specific Attributes with lengths of less than 2 bytes. This version will now display the following radius debug message in this situation:
"Invalid attribute. Invalid length for attribute 26."
The daemon will remain running.
To obtain the new updated RADIUS daemon, please contact Secure Computing Technical support at 1-800-700-8328.
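The two checks the statement above describes, rejecting an over-long shared secret before the digest input is built and rejecting an attribute whose Length is below 2, can be written as follows. This is an added example, not Secure Computing's code: the function names, the 128-byte buffer and the sample packet are assumptions made for illustration, and the packet layout follows RFC 2865.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RADIUS_HDR_LEN 20   /* Code, Identifier, Length, 16-byte Authenticator */
#define RADIUS_MAX_LEN 4096 /* largest packet RFC 2865 allows */

/* Walk the attributes of a pkt_len-byte packet. Returns 0 if all are well
 * formed, else the Type of the first bad attribute (-1 if the packet size is
 * out of range, an attribute is truncated, or the bad Type is 0). */
int radius_check_attrs(const uint8_t *pkt, size_t pkt_len)
{
    if (pkt_len < RADIUS_HDR_LEN || pkt_len > RADIUS_MAX_LEN)
        return -1;
    size_t off = RADIUS_HDR_LEN;
    while (off < pkt_len) {
        if (pkt_len - off < 2)               /* no room for Type + Length */
            return -1;
        uint8_t type = pkt[off], len = pkt[off + 1];
        /* Length counts the Type and Length octets themselves, so a value
         * below 2 is invalid; it must also stay inside the packet. */
        if (len < 2 || len > pkt_len - off)
            return type ? type : -1;
        off += len;
    }
    return 0;
}

/* Build the authenticator digest input (packet bytes followed by the shared
 * secret) in out. Returns the total length, or 0 if it would not fit. */
size_t digest_input_build(uint8_t *out, size_t out_size, const uint8_t *pkt,
                          size_t pkt_len, const char *secret)
{
    size_t slen = strlen(secret);
    if (pkt_len > out_size || slen > out_size - pkt_len)
        return 0;                            /* refuse instead of overflowing */
    memcpy(out, pkt, pkt_len);
    memcpy(out + pkt_len, secret, slen);
    return pkt_len + slen;
}

int main(void)
{
    /* Constructed sample: zeroed header plus attribute 26 with Length 1. */
    uint8_t pkt[22] = {0}, buf[128];         /* buffer size is illustrative */
    pkt[20] = 26; pkt[21] = 1;
    printf("bad attribute type: %d\n", radius_check_attrs(pkt, sizeof pkt));
    printf("digest input bytes: %zu\n",
           digest_input_build(buf, sizeof buf, pkt, RADIUS_HDR_LEN, "testing123"));
    return 0;
}
```

Both functions report the error to the caller, which can log it and drop the packet or clients-file entry while the daemon keeps running.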
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.