{ "id": "CVE-2011-4966", "sourceIdentifier": "secalert@redhat.com", "published": "2013-03-12T23:55:01.337", "lastModified": "2024-11-21T01:33:22.790", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password." }, { "lang": "es", "value": "modules/rlm_unix/rlm_unix.c en FreeRADIUS anterior a v2.2.0, cuando el modo unix est\u00e1 activado para la autenticaci\u00f3n de usuarios, no valida adecuadamente la expiraci\u00f3n de la contrase\u00f1a en /etc/shadow, lo que permite a usuarios autenticados remotamente validarse mediante una contrase\u00f1a caducada." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "baseScore": 6.0, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 6.8, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-255" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*", "matchCriteriaId": "45C6E852-B6B5-4598-84B0-8D55932928F8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.2.0", "matchCriteriaId": "5FFA82DC-988E-4351-B8AD-ACC4E73625F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE9FC274-5453-4A3D-9FD4-55D2E0283D0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "87DBE446-220E-4838-808D-AA67C0254051" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "E42DCF34-E0AE-4DAC-83EE-4A344768C673" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "EBBD2835-6588-44AC-B0FE-534855AF9537" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "660E3D6D-414D-436D-B256-0B49E701F757" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "90AF846A-F239-4963-B260-7CB48334B8B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1321F1E7-4B14-4B16-91D0-AE9E9951D12A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "313EFEC5-1580-4ACE-BB9C-84E3714F2C37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E023DE32-302F-42CC-8C3A-68CFFB400609" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDE68525-9B4E-4444-BAD3-1F98BCF9C312" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "5B93BEF0-09C1-4DF8-8761-582DE975F306" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8ACE0558-F9FC-4B2C-96BD-7146D32A1637" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4F927232-6275-497E-BF09-B4DCF19642C0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "F07F89D7-504B-4892-9840-A3FED5274F5A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "7E1917D7-8E6B-4208-A632-CC2C25FEF1BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "2121418C-4710-447D-9582-F535EDD2BF36" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5C0C0C3-970F-4936-BEBB-19FACF4E958B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED" }, { "vulnerable": true, "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED" } ] } ] } ], "references": [ { "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html", "source": "secalert@redhat.com" }, { "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html", "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605", "source": "secalert@redhat.com" }, { "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }