Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4745 An SQL injection vulnerability has been discovered in the rlm_sqlcounter module. CVE-2005-4746 Multiple buffer overflows have been discovered, allowing denial of service. For the stable distribution (sarge) these problems have been fixed in version 1.0.2-4sarge3. For the unstable distribution (sid) these problems have been fixed in version 1.0.5-1. We recommend that you upgrade your freeradius packages.
Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:
An SQL injection vulnerability has been discovered in the rlm_sqlcounter module.
Multiple buffer overflows have been discovered, allowing denial of service.
For the stable distribution (sarge) these problems have been fixed in version 1.0.2-4sarge3.
For the unstable distribution (sid) these problems have been fixed in version 1.0.5-1.
We recommend that you upgrade your freeradius packages.
MD5 checksums of the listed files are available in the original advisory.