CVE-2007-2028

Related Files

Gentoo Linux Security Advisory 200704-14

Posted Apr 19, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-14 - The Coverity Scan project has discovered a memory leak within the handling of certain malformed Diameter format values inside an EAP-TTLS tunnel. Versions less than 1.1.6 are affected.

tags | advisory, memory leak

systems | linux, gentoo

advisories | CVE-2007-2028

SHA-256 | 394f9353978046dede907c0190926b1d878b6ee2d2f4d59d8381d69442dc267b

Download | Favorite | View

Mandriva Linux Security Advisory 2007.085

Posted Apr 17, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.

tags | advisory, remote, denial of service, memory leak

systems | linux, mandriva

advisories | CVE-2007-2028

SHA-256 | 16cc2182d8b5e734c6db73d481075a284e427cf82b792b4d08a2bd8a0d356858

Download | Favorite | View