USN-7055-1: FreeRADIUS vulnerability
3 October 2024
A system authentication measure could be bypassed.
Releases
Ubuntu 24.04 LTS
Ubuntu 22.04 LTS
Ubuntu 20.04 LTS
Packages
freeradius - high-performance and highly configurable RADIUS server
Details
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc
Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated
certain responses. An attacker able to intercept communications between a
RADIUS client and server could possibly use this issue to forge responses,
bypass authentication, and access network devices and services.
This update introduces new configuration options called “limit_proxy_state”
and “require_message_authenticator” that default to “auto” but should be
set to “yes” once all RADIUS devices have been upgraded on a network.
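An added example (not part of the Ubuntu notice or of FreeRADIUS): a small Python check that reads FreeRADIUS-style configuration text and lists every place where one of the two new options is not yet "yes". The sample configuration, its section names and client addresses are constructed, and the `section { key = value }` layout is an assumption about how the configuration is written.

```python
import re

# The two options named in the advisory; both default to "auto".
OPTIONS = ("require_message_authenticator", "limit_proxy_state")

# Constructed sample configuration (not taken from the advisory).
# The section layout and client names are assumptions for illustration.
SAMPLE = """
security {
    require_message_authenticator = auto   # package default
    limit_proxy_state = yes
}
client switch-a {
    ipaddr = 192.0.2.10
    require_message_authenticator = no
}
client switch-b {
    ipaddr = 192.0.2.11
}
"""

def audit(conf_text):
    """Return (section, option, value) for each tracked option that is not "yes"."""
    findings, stack, seen = [], [], set()
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.endswith("{"):
            stack.append(line[:-1].strip())          # entering a section
        elif line == "}" and stack:
            stack.pop()                              # leaving a section
        else:
            m = re.match(r"(\w+)\s*=\s*(\S+)", line)
            if m and m.group(1) in OPTIONS:
                seen.add(m.group(1))
                value = m.group(2).strip('"').lower()
                if value != "yes":
                    findings.append(("/".join(stack) or "<top level>", m.group(1), value))
    # An option that never appears falls back to the "auto" default.
    for opt in OPTIONS:
        if opt not in seen:
            findings.append(("<unset>", opt, "auto"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means both options are explicitly "yes" everywhere they appear; that setting is only appropriate once every RADIUS device on the network has been upgraded.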
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
freeradius - 3.2.5+dfsg-3~ubuntu24.04.1