-------------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200311-04
-------------------------------------------------------------------------------
          Package : net-dialup/freeradius
          Summary : FreeRADIUS heap exploit and NULL pointer dereference vulnerabilities
             Date : 2003-11-23
          Exploit : remote
Versions Affected : <= 0.9.2
    Fixed Version : >= 0.9.3
    Gentoo Bug ID : #33989
              CVE : - None -
         Priority : Normal
-------------------------------------------------------------------------------

SUMMARY:
========

FreeRADIUS versions below 0.9.3 are vulnerable to a heap exploit. However, the
attack code must take the form of a valid RADIUS packet, which limits the
possible exploits.
 
Also corrected in the 0.9.3 release is another vulnerability that causes the
RADIUS server to dereference a NULL pointer and crash when an Access-Request
packet containing a Tunnel-Password attribute is received.
 
Please see the announcement at
http://www.securitytracker.com/alerts/2003/Nov/1008263.html for more details
regarding the issue.
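As an added illustration (not part of this GLSA or of FreeRADIUS itself), the following Python decoder applies the RFC 2865 framing checks that any "valid RADIUS packet" must pass and flags the crash condition described above: an Access-Request (code 1) that carries a Tunnel-Password attribute (type 69, RFC 2868). The sample datagrams are constructed for the example; the code and attribute numbers come from the RFCs, not from the advisory.

```python
import struct
from typing import List, Tuple

ACCESS_REQUEST = 1    # RADIUS Code: Access-Request (RFC 2865)
TUNNEL_PASSWORD = 69  # Attribute Type: Tunnel-Password (RFC 2868)
HEADER_LEN = 20       # Code(1) + Identifier(1) + Length(2) + Authenticator(16)

def parse_radius(datagram: bytes) -> Tuple[int, int, List[Tuple[int, bytes]]]:
    """Return (code, identifier, [(type, value), ...]) or raise ValueError on bad framing."""
    if len(datagram) < HEADER_LEN:
        raise ValueError("shorter than the 20-byte header")
    code, ident, length = struct.unpack("!BBH", datagram[:4])
    # RFC 2865: Length is 20..4096 and may not exceed the datagram; octets past it are padding.
    if not HEADER_LEN <= length <= min(4096, len(datagram)):
        raise ValueError(f"bad Length field {length}")
    attrs: List[Tuple[int, bytes]] = []
    pos = HEADER_LEN
    while pos < length:
        if length - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = datagram[pos], datagram[pos + 1]
        # Attribute Length counts its own Type and Length octets, so 2 is the minimum.
        if alen < 2 or pos + alen > length:
            raise ValueError(f"attribute {atype} has bad length {alen}")
        attrs.append((atype, datagram[pos + 2:pos + alen]))
        pos += alen
    return code, ident, attrs

def is_well_formed(datagram: bytes) -> bool:
    """Framing check only: the 'valid RADIUS packet' precondition the advisory mentions."""
    try:
        parse_radius(datagram)
        return True
    except ValueError:
        return False

def triggers_tunnel_password_crash(datagram: bytes) -> bool:
    """True for an Access-Request carrying Tunnel-Password, the pre-0.9.3 crash input."""
    # RFC 2868 allows Tunnel-Password only in Access-Accept, so this is worth alerting on anyway.
    code, _ident, attrs = parse_radius(datagram)
    return code == ACCESS_REQUEST and any(t == TUNNEL_PASSWORD for t, _ in attrs)

# Constructed sample datagrams (zeroed Request Authenticator, no shared-secret handling):
BENIGN = b"\x01\x07\x00\x1b" + bytes(16) + b"\x01\x07alice"  # User-Name (1) only
FLAGGED = (b"\x01\x08\x00\x26" + bytes(16) + b"\x01\x07alice"
           + b"\x45\x0b\x00\x12\x34secret")                  # + Tunnel-Password (69)
ACCEPT_WITH_TP = b"\x02\x08\x00\x1f" + bytes(16) + b"\x45\x0b\x00\x12\x34secret"  # code 2
MALFORMED = b"\x01\x09\x00\x16" + bytes(16) + b"\x01\x01"    # attribute Length of 1 is invalid
```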

SOLUTION:
=========

Users are encouraged to perform an 'emerge --sync' and upgrade the package to
the latest available version; 0.9.3 is available in Portage and is marked as
stable.
