Upstream information

CVE-2011-4966 at MITRE

Description

modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores (National Vulnerability Database)
  Base Score: 6
  Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
  Access Vector: Network
  Access Complexity: Medium
  Authentication: Single
  Confidentiality Impact: Partial
  Integrity Impact: Partial
  Availability Impact: Partial
SUSE Bugzilla entry: 797313 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP2
  • freeradius-server >= 2.1.1-7.16.1
  • freeradius-server-dialupadmin >= 2.1.1-7.16.1
  • freeradius-server-doc >= 2.1.1-7.16.1
  • freeradius-server-libs >= 2.1.1-7.16.1
  • freeradius-server-utils >= 2.1.1-7.16.1
Patchnames:
slessp2-freeradius-server
SUSE Linux Enterprise Server 11 SP3
  • freeradius-server >= 2.1.1-7.16.7
  • freeradius-server-dialupadmin >= 2.1.1-7.16.7
  • freeradius-server-doc >= 2.1.1-7.16.7
  • freeradius-server-libs >= 2.1.1-7.16.7
  • freeradius-server-utils >= 2.1.1-7.16.7
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA freeradius-server
SUSE Linux Enterprise Server 11 SP4
  • freeradius-server >= 2.1.1-7.18.1
  • freeradius-server-dialupadmin >= 2.1.1-7.18.1
  • freeradius-server-doc >= 2.1.1-7.18.1
  • freeradius-server-libs >= 2.1.1-7.18.1
  • freeradius-server-utils >= 2.1.1-7.18.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA freeradius-server
SUSE Linux Enterprise Server for VMWare 11 SP2
  • freeradius-server >= 2.1.1-7.16.1
  • freeradius-server-dialupadmin >= 2.1.1-7.16.1
  • freeradius-server-doc >= 2.1.1-7.16.1
  • freeradius-server-libs >= 2.1.1-7.16.1
  • freeradius-server-utils >= 2.1.1-7.16.1
Patchnames:
slessp2-freeradius-server
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freeradius-server-devel >= 2.1.1-7.16.1
  • freeradius-server-libs >= 2.1.1-7.16.1
Patchnames:
sdksp2-freeradius-server
SUSE Linux Enterprise Software Development Kit 11 SP4
  • freeradius-server-devel >= 2.1.1-7.18.1
  • freeradius-server-libs >= 2.1.1-7.18.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA freeradius-server-devel
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freeradius-server-devel >= 2.1.1-7.16.1
  • freeradius-server-libs >= 2.1.1-7.16.1
Builds
SAT Patch Nr: 7255
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freeradius-server-devel >= 2.1.1-7.16.1
Builds
SAT Patch Nr: 7255
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • freeradius-server >= 2.1.1-7.16.1
  • freeradius-server-dialupadmin >= 2.1.1-7.16.1
  • freeradius-server-doc >= 2.1.1-7.16.1
  • freeradius-server-libs >= 2.1.1-7.16.1
  • freeradius-server-utils >= 2.1.1-7.16.1
Builds
SAT Patch Nr: 7255


Status of this issue by product and package

Product(s) | Source package | State
SUSE Linux Enterprise SDK 11 SP1 | freeradius-server | Released
SUSE Linux Enterprise SDK 11 SP2 | freeradius-server | Released
SUSE Linux Enterprise Server 11 SP1 | freeradius-server | Released
SUSE Linux Enterprise Server 11 SP1 LTSS | freeradius-server | Released
SUSE Linux Enterprise Server 11 SP2 | freeradius-server | Released
SUSE Linux Enterprise Server 11 SP2 LTSS | freeradius-server | Released
SUSE Linux Enterprise Server for SAP AIO 11 SP1 | freeradius-server | Released