CVE-2012-4566

Name of the Vulnerable Software and Affected Versions radsecproxy versions prior to 1.6.2

Description The issue concerns multiple vulnerabilities in the radsecproxy package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality and integrity of protected information. A specific vulnerability in the DTLS support of radsecproxy allows remote attackers to bypass access restrictions and spoof clients due to improper certificate verification when there are unrelated CA settings in the configuration.

Recommendations For versions prior to 1.6.2, update to version 1.6.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the DTLS functionality until a patch is applied.