[Secure-testing-team] Bug#701151: pyrad: CVE-2013-0342: CreateID() creates serialized packet IDs for RADIUS
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 22 06:17:28 UTC 2013
Package: pyrad
Version: 1.2-1
Severity: important
Tags: security
Control: found -1 2.0-2
Hi Jeremy
I'm sorry there was some confusion regarding #700669 related CVE's.
The original advisory contained two vulnerabilities, where the second
CVE was afterwards rejected.
According to [1] now, the second "CreateID() creates serialized packet
IDs for RADIUS" is still open, thus creating this bugreport.
See also Red Hat Bugreport[2], see specifically Comment 5[3].
[1]: http://marc.info/?l=oss-security&m=136151128112754&w=2
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=911685
[3]: https://bugzilla.redhat.com/show_bug.cgi?id=911685#c5
Regards,
Salvatore
More information about the Secure-testing-team
mailing list