FreeRADIUS prior to 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freeradius freeradius |
||
fedoraproject fedora - |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux eus 7.6 |
||
redhat enterprise linux 7.0 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 19.04 |
||
canonical ubuntu linux 18.10 |
||
opensuse leap 15.0 |