CVE Vulnerabilities

CVE-2011-4966

Published: Mar 12, 2013 | Modified: Mar 19, 2013
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 6 MEDIUM (AV:N/AC:M/Au:S/C:P/I:P/A:P)
RedHat/V2: 2.1 LOW (AV:N/AC:H/Au:S/C:N/I:P/A:N)
RedHat/V3:
Ubuntu: LOW

modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.

Affected Software

Name Vendor Start Version End Version
Freeradius Freeradius * *
Freeradius Freeradius * 2.2.0 (including)
Freeradius Freeradius 0.1 (including) 0.1 (including)
Freeradius Freeradius 0.2 (including) 0.2 (including)
Freeradius Freeradius 0.3 (including) 0.3 (including)
Freeradius Freeradius 0.4 (including) 0.4 (including)
Freeradius Freeradius 0.5 (including) 0.5 (including)
Freeradius Freeradius 0.6 (including) 0.6 (including)
Freeradius Freeradius 0.7 (including) 0.7 (including)
Freeradius Freeradius 0.7.1 (including) 0.7.1 (including)
Freeradius Freeradius 0.8 (including) 0.8 (including)
Freeradius Freeradius 0.8.1 (including) 0.8.1 (including)
Freeradius Freeradius 0.9 (including) 0.9 (including)
Freeradius Freeradius 0.9.0 (including) 0.9.0 (including)
Freeradius Freeradius 0.9.1 (including) 0.9.1 (including)
Freeradius Freeradius 0.9.2 (including) 0.9.2 (including)
Freeradius Freeradius 0.9.3 (including) 0.9.3 (including)
Freeradius Freeradius 1.0.0 (including) 1.0.0 (including)
Freeradius Freeradius 1.0.1 (including) 1.0.1 (including)
Freeradius Freeradius 1.0.2 (including) 1.0.2 (including)
Freeradius Freeradius 1.0.3 (including) 1.0.3 (including)
Freeradius Freeradius 1.0.4 (including) 1.0.4 (including)
Freeradius Freeradius 1.0.5 (including) 1.0.5 (including)
Freeradius Freeradius 1.1.0 (including) 1.1.0 (including)
Freeradius Freeradius 1.1.1 (including) 1.1.1 (including)
Freeradius Freeradius 1.1.2 (including) 1.1.2 (including)
Freeradius Freeradius 1.1.3 (including) 1.1.3 (including)
Freeradius Freeradius 1.1.4 (including) 1.1.4 (including)
Freeradius Freeradius 1.1.5 (including) 1.1.5 (including)
Freeradius Freeradius 1.1.6 (including) 1.1.6 (including)
Freeradius Freeradius 1.1.7 (including) 1.1.7 (including)
Freeradius Freeradius 1.1.8 (including) 1.1.8 (including)
Freeradius Freeradius 2.0 (including) 2.0 (including)
Freeradius Freeradius 2.0.1 (including) 2.0.1 (including)
Freeradius Freeradius 2.0.2 (including) 2.0.2 (including)
Freeradius Freeradius 2.0.3 (including) 2.0.3 (including)
Freeradius Freeradius 2.0.4 (including) 2.0.4 (including)
Freeradius Freeradius 2.0.5 (including) 2.0.5 (including)
Freeradius Freeradius 2.1.0 (including) 2.1.0 (including)
Freeradius Freeradius 2.1.1 (including) 2.1.1 (including)
Freeradius Freeradius 2.1.2 (including) 2.1.2 (including)
Freeradius Freeradius 2.1.3 (including) 2.1.3 (including)
Freeradius Freeradius 2.1.4 (including) 2.1.4 (including)
Freeradius Freeradius 2.1.6 (including) 2.1.6 (including)
Freeradius Freeradius 2.1.7 (including) 2.1.7 (including)
Freeradius Freeradius 2.1.8 (including) 2.1.8 (including)
Freeradius Freeradius 2.1.9 (including) 2.1.9 (including)
Freeradius Freeradius 2.1.10 (including) 2.1.10 (including)
Freeradius Freeradius 2.1.11 (including) 2.1.11 (including)
Freeradius Freeradius 2.1.12 (including) 2.1.12 (including)
Freeradius Ubuntu hardy *
Freeradius Ubuntu lucid *
Freeradius Ubuntu oneiric *
Freeradius Ubuntu precise *
Freeradius Ubuntu quantal *
Freeradius Ubuntu raring *
Freeradius Ubuntu upstream *
Red Hat Enterprise Linux 5 RedHat freeradius2-0:2.1.12-5.el5 *
Red Hat Enterprise Linux 6 RedHat freeradius-0:2.1.12-3.el6 *

References