JSA10385 - Certain crafted packets can crash Steel-Belted Radius or hijack the server machine.


Information

 
Product Affected: Steel-Belted Radius v5.4.0 (Enterprise and Global Enterprise), Steel-Belted Radius v5.4.1 (Enterprise and Global Enterprise)
Problem
By sending crafted, invalid data to the TCP administration port (1813 by default) or the TCP control port (1812 by default), an attacker may be able to crash the SBR server process. An attacker may also be able to inject code that runs as root on the server machine.

If firewalls or other measures in your enterprise adequately protect these ports (for example, by limiting access to trusted management hosts), this vulnerability may be less serious in your environment.

This issue affects all versions of SBR built prior to July 31, 2008 running on Linux or Solaris platforms. Versions of SBR running on Windows platforms are not affected.
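The paragraphs above make two operational points: the attack surface is the two TCP ports (1812 control, 1813 administration by default), and exposure depends on whether those ports are reachable from untrusted networks. The following script is an added example, not part of the original advisory or of Steel-Belted Radius itself. It checks whether the SBR TCP ports complete a handshake from the host it is run on (run it from a non-management network segment to see what an attacker there would see), and it generates a host-firewall rule set that restricts those ports to management networks. The management network 10.0.0.0/24 and the hostname "sbr.example.internal" are constructed placeholders; the iptables rule syntax is standard, but adapt it to whatever firewall actually fronts the server.

```python
import socket
from typing import Dict, Iterable, List, Tuple

# Default SBR TCP ports named in the advisory; change if your install uses others.
SBR_CONTROL_PORT = 1812
SBR_ADMIN_PORT = 1813
SBR_TCP_PORTS = (SBR_CONTROL_PORT, SBR_ADMIN_PORT)


def tcp_port_reachable(host: str, port: int, timeout: float = 2.0) -> bool:
    """Return True if a full TCP handshake to host:port completes within timeout.

    Only a connect is attempted; no data is sent, so this is safe to run
    against a production server.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Refused, filtered (timeout), unroutable, or name resolution failure.
        return False


def check_sbr_exposure(host: str,
                       ports: Iterable[int] = SBR_TCP_PORTS,
                       timeout: float = 2.0) -> Dict[int, bool]:
    """Map each SBR TCP port to whether it is reachable from this host."""
    return {port: tcp_port_reachable(host, port, timeout) for port in ports}


def iptables_rules(mgmt_cidrs: Iterable[str],
                   ports: Iterable[int] = SBR_TCP_PORTS,
                   chain: str = "INPUT") -> List[str]:
    """Build iptables commands that allow the SBR TCP ports only from mgmt_cidrs.

    Rules are emitted in the order they must be applied: explicit ACCEPTs for
    each management network first, then a DROP for everyone else. Rules for
    RADIUS UDP traffic are deliberately not touched here.
    """
    rules: List[str] = []
    for port in ports:
        for cidr in mgmt_cidrs:
            rules.append(f"iptables -A {chain} -p tcp --dport {port} "
                         f"-s {cidr} -j ACCEPT")
        rules.append(f"iptables -A {chain} -p tcp --dport {port} -j DROP")
    return rules


def demo_local_listener() -> Tuple[bool, bool]:
    """Self-check that needs no SBR server: a loopback listener is reachable
    while open and unreachable after it is closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # ephemeral port chosen by the OS
    srv.listen(1)
    port = srv.getsockname()[1]
    while_open = tcp_port_reachable("127.0.0.1", port, timeout=1.0)
    srv.close()
    after_close = tcp_port_reachable("127.0.0.1", port, timeout=1.0)
    return while_open, after_close


if __name__ == "__main__":
    # Constructed example target and management network (placeholders).
    target = "sbr.example.internal"
    exposure = check_sbr_exposure(target)
    for port, reachable in exposure.items():
        state = "REACHABLE (exposed)" if reachable else "not reachable"
        print(f"{target}:{port}/tcp {state}")
    print("\nSuggested host-firewall rules:")
    for rule in iptables_rules(["10.0.0.0/24"]):
        print("  " + rule)
```

If either port reports as reachable from a segment that is not a management network, treat the advisory's risk rating at face value and apply the vendor patch rather than relying on the firewall alone; the DROP rules only reduce who can reach the vulnerable code, they do not remove it.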
Solution
Pulse Secure has created a patch for each affected version.
Workaround
Implementation
Please see the attached document for instructions on installing the patches.
Related Links
CVSS Score
Risk Assessment: This vulnerability is a remotely exploitable denial of service and server hijack. An attacker requires no logon access or other privileges on the Steel-Belted Radius server.
Acknowledgements
Alert Type: PSN - Product Support Notification
Risk Level: High
Attachment: 2
Legacy ID: PSN-2008-07-029, JSA10385
