CVE-2011-2701
Published: Aug 4, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| 48880 | vdb-entry, x_refsource_BID |
| freeradius-certificate-security-bypass(68782) | vdb-entry, x_refsource_XF |
| [oss-security] 20110715 CVE request: vulnerability in FreeRADIUS (OCSP) | mailing-list, x_refsource_MLIST |
| [oss-security] 20110718 Re: CVE request: vulnerability in FreeRADIUS (OCSP) | mailing-list, x_refsource_MLIST |
| 45425 | third-party-advisory, x_refsource_SECUNIA |
| 20110725 [DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 | mailing-list, x_refsource_BUGTRAQ |
| 8325 | third-party-advisory, x_refsource_SREASON |
| 1025833 | vdb-entry, x_refsource_SECTRACK |
| https://bugzilla.redhat.com/show_bug.cgi?id=724815 | x_refsource_MISC |
| [oss-security] 20110720 Re: CVE request: vulnerability in FreeRADIUS (OCSP) | mailing-list, x_refsource_MLIST |