freeradius: Very highly Configurable Radius-Server
----------------------------------------------------------------------
File: freeradius-1.0.5-2.14.i586.rpm
Patchrpm: freeradius-1.0.5-2.14.i586.patch.rpm
Version: 1.0.5-2.14
Size: 1682 kB
Patchsize: 1367 kB
Date: Sat 25 Mar 2006 4:58:10 CET
Source: freeradius-1.0.5-2.14.src.rpm
Security: Yes
----------------------------------------------------------------------
Description:

A validation issue exists with the EAP-MSCHAPv2 module in FreeRADIUS. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassing could also result in the server crashing.

This is tracked by the Mitre CVE ID CVE-2006-1354.