On Tue, Apr 8, 2014 at 9:35 PM, Alan DeKok <aland@deployingradius.com> wrote:
Thanks to Jouni Malinen for providing test cases and more detailed information about the bug.
Unfortunately, it looks like this is not as clear as this statement seems to indicate. It turned out that my initial setup did not show the issue (and I still cannot reproduce it on that setup for some unknown reason). However, a fresh installation of the exact same FreeRADIUS version (and also couple of other versions I tested) on a virtual host with a different OS variant does seem to indicated limited form of this OpenSSL vulnerability being triggerable through FreeRADIUS EAP PEAP/TTLS implementation. This does not seem to open as large a window for getting useful data as other use cases with OpenSSL, but it is unknown whether some critical memory contents could be revealed. - Jouni