Improper Authentication in freeradius (Alpine package)

1) Improper Authentication

EUVDB-ID: #VU18335

Risk: Medium

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-11234

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error related to processing authentication tokens. A remote attacker can execute a reflection attack and bypass authentication process.

This vulnerability was dubbed "Dragonblood".

Mitigation

Install update from vendor's website.

Vulnerable software versions

freeradius (Alpine package): 3.0.9-r0 - 3.0.13-r2

External links

http://git.alpinelinux.org/aports/commit/?id=69138d98cebd2ab4efee5ac34450ed828d482d2c
http://git.alpinelinux.org/aports/commit/?id=39ad148a1b03ffa56801c3ded59b34d6ac0e4dd1
http://git.alpinelinux.org/aports/commit/?id=5000ff06e26f8e780cec024850772451991b14d4
http://git.alpinelinux.org/aports/commit/?id=03e34b1adafe3bbf545854f14971aa8e0142c1aa
http://git.alpinelinux.org/aports/commit/?id=065f2876051f76809327b30c47239ed3b8db0bd5
http://git.alpinelinux.org/aports/commit/?id=354ae2b18aa0dbbd1760f1152adc8699967a4ce3
http://git.alpinelinux.org/aports/commit/?id=77eea063d8f0ef7ac9a99e7a070e5d5fabe3d777
http://git.alpinelinux.org/aports/commit/?id=d19f2800a1df00c0d730c8a31045e0f54ef3404f

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.