VDB

GCVE-110-MAGEIA-2020-7

GCVE-110-MAGEIA-2020-7
Advisory Published
Vulnetix · Advisory published January 5, 2020
Updated freeradius packages fix security vulnerabilities: It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user (CVE-2019-10143). An information leak was discovered in the implementation of EAP-pwd in freeradius. An attacker could initiate several EAP-pwd handshakes to leak information, which can then be used to recover the user's WiFi password by performing dictionary and brute-force attacks (CVE-2019-13456). Denial of service issues due to multithreaded BN_CTX access (CVE-2019-17185).

Affected Products

VendorProductVersionsPlatforms
Mageiadarktable0 (affected), 2.6.3-1.mga7 (unaffected)
Mageiafreeradius0 (affected), 3.0.20-1.mga7 (unaffected), 0 (affected), 3.0.20-1.mga7 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›