Title: FreeRADIUS Excessive Memory Usage Remote DoS Vulnerability
Severity: MODERATE
Description:
FreeRADIUS is a RADIUS authentication and accounting server derived from the Cistron RADIUS source base. It supports the attribute format defined in RFC 2865 (which supersedes RFC 2138) and the extensions of RFC 2869, but it allocates a fixed amount of memory for every attribute found in a RADIUS accounting packet, regardless of the attribute's actual size. By default this is 324 bytes per attribute, while an attribute on the wire (a type octet, a length octet and a value of zero or more octets) may be only a few octets long.
Under the RADIUS specification a packet may be up to 4096 bytes long, so a single maximum-size packet can carry well over a thousand minimal attributes. Specific analyses vary, but there is a consensus that one such packet costs the FreeRADIUS server at least 512K of memory. A modest amount of bandwidth committed to a flood of these packets can therefore exhaust all available memory on the server.
This memory consumption can degrade the server's performance or cause a remote denial of service.
It is possible that other RADIUS servers based on the Cistron/FreeRADIUS source code are also vulnerable.
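As an added illustration, not code from FreeRADIUS or from the advisory: the C program below walks the attribute list of a RADIUS packet the way a decoder must (20-octet header, then type/length/value triples), charges the 324 bytes the advisory reports for every attribute it sees, and contrasts an unbounded walk with one that refuses a packet once a per-packet attribute ceiling is reached. The 324-byte cost is taken from this advisory; the attribute walk itself and the 256-attribute ceiling are assumptions made for the example, not the project's implementation or its fix, and both packets are constructed inside the code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RADIUS_HDR_LEN       20   /* code, id, length, 16-octet authenticator (RFC 2865) */
#define RADIUS_MAX_LEN     4096   /* maximum packet length (RFC 2865) */
#define ATTR_MIN_LEN          2   /* type + length octets with a zero-octet value */
#define RADIUS_ACCT_REQUEST   4
#define PER_ATTR_ALLOC      324   /* assumption taken from the advisory: fixed cost per attribute */

enum walk_status { WALK_OK = 0, WALK_MALFORMED, WALK_TOO_MANY_ATTRS };

struct attr_walk {
    size_t attrs;        /* attributes parsed */
    size_t alloc_bytes;  /* attrs * PER_ATTR_ALLOC: what a fixed-cost allocator would consume */
    enum walk_status status;
};

/* Walk a packet's attribute list, charging PER_ATTR_ALLOC per attribute.
   max_attrs > 0 enforces a per-packet ceiling (the illustrative mitigation); 0 = unbounded. */
static struct attr_walk walk_attrs(const uint8_t *pkt, size_t pktlen, size_t max_attrs)
{
    struct attr_walk r = { 0, 0, WALK_OK };
    if (pktlen < RADIUS_HDR_LEN || pktlen > RADIUS_MAX_LEN) { r.status = WALK_MALFORMED; return r; }
    size_t len = ((size_t)pkt[2] << 8) | pkt[3];          /* Length field, network order */
    if (len < RADIUS_HDR_LEN || len > pktlen) { r.status = WALK_MALFORMED; return r; }
    for (size_t off = RADIUS_HDR_LEN; off < len; ) {
        size_t alen = (len - off >= ATTR_MIN_LEN) ? pkt[off + 1] : 0;
        /* truncated attribute or a length that would run past the packet */
        if (alen < ATTR_MIN_LEN || alen > len - off) { r.status = WALK_MALFORMED; return r; }
        /* ceiling check happens before any memory is charged for the attribute */
        if (max_attrs != 0 && r.attrs == max_attrs) { r.status = WALK_TOO_MANY_ATTRS; return r; }
        r.attrs++;
        r.alloc_bytes += PER_ATTR_ALLOC;
        off += alen;
    }
    return r;
}

/* Header of a constructed packet: code, id, Length filled in later, zero authenticator. */
static size_t put_header(uint8_t *buf, uint8_t code, uint8_t id)
{
    memset(buf, 0, RADIUS_HDR_LEN);
    buf[0] = code;
    buf[1] = id;
    return RADIUS_HDR_LEN;
}

static void set_length(uint8_t *buf, size_t len)
{
    buf[2] = (uint8_t)(len >> 8);
    buf[3] = (uint8_t)(len & 0xff);
}

/* Constructed flood packet: a maximum-size Accounting-Request whose 4076 attribute
   octets hold 2038 two-octet attributes (type 1, length 2, empty value). */
static size_t build_flood_packet(uint8_t *buf, size_t bufsize)
{
    if (bufsize < RADIUS_MAX_LEN) return 0;
    size_t off = put_header(buf, RADIUS_ACCT_REQUEST, 1);
    while (RADIUS_MAX_LEN - off >= ATTR_MIN_LEN) {
        buf[off] = 1;                 /* User-Name type, chosen arbitrarily */
        buf[off + 1] = ATTR_MIN_LEN;
        off += ATTR_MIN_LEN;
    }
    set_length(buf, off);
    return off;
}

/* Constructed ordinary packet: User-Name "bob" and Acct-Status-Type = Start (1). */
static size_t build_normal_packet(uint8_t *buf, size_t bufsize)
{
    static const uint8_t attrs[] = { 1, 5, 'b', 'o', 'b',  40, 6, 0, 0, 0, 1 };
    size_t off = put_header(buf, RADIUS_ACCT_REQUEST, 2);
    if (bufsize < off + sizeof attrs) return 0;
    memcpy(buf + off, attrs, sizeof attrs);
    off += sizeof attrs;
    set_length(buf, off);
    return off;
}

int main(void)
{
    uint8_t pkt[RADIUS_MAX_LEN];
    size_t n = build_flood_packet(pkt, sizeof pkt);
    struct attr_walk r = walk_attrs(pkt, n, 0);
    printf("unbounded: %zu attributes -> %zu bytes allocated\n", r.attrs, r.alloc_bytes);
    r = walk_attrs(pkt, n, 256);
    printf("256-attribute ceiling: status %d after %zu attributes\n", (int)r.status, r.attrs);
    return 0;
}
```

Fed the constructed maximum-size packet, the unbounded walk accepts 2038 attributes and accounts about 660,000 bytes for them, which is the per-packet figure that makes a flood effective; the bounded walk refuses the packet after 256. Whatever ceiling a server chooses, it should be applied before memory is allocated for the attribute, and the packet Length and each attribute length should be validated first so that a bogus length cannot carry the walk outside the receive buffer.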
Affected Products:
- FreeRADIUS FreeRADIUS 0.3.0
References:
- 3APA3A <3APA3A@security.nnov.ru>: FreeRADIUS Excessive Memory Consumption
- FreeRADIUS: FreeRADIUS homepage
- Internet Engineering Task Force: RFC 2138: Remote Authentication Dial In User Service
- Internet Engineering Task Force: RFC 2869: RADIUS Extensions
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.