[SBR] Patches for Steel-Belted Radius Enterprise and Global Enterprise for OpenSSL Vulnerability
Summary:
This article provides basic information for the OpenSSL vulnerability documented in CVE-2014-0224.
Important: This article ONLY applies to Steel-Belted Radius Enterprise Release 6.10-6.17 and Steel-Belted Radius Global Enterprise Release 6.10-6.17.
This article does not address Steel-Belted Radius Carrier Release 7.x/8.x. Please contact JTAC directly for information regarding this version.
Symptoms:
Steel-Belted Radius version 6.1x has been identified as being vulnerable to the OpenSSL vulnerability discussed in Vulnerability Summary for CVE-2014-0224.
This article will provide access to and instructions for installing the patched libraries.
Cause:
Solution:
Steel-Belted Radius is supported on three platforms: Windows, Linux and Solaris (Sparc).
Download the appropriate archive file from this article and extract to a temporary directory on your server:
- Windows x86 and x64
- Linux
- Solaris
Windows:
- Stop the Steel-Belted Radius service via the 'services' control panel.
- Once stopped, copy the files located in the archive to "C:\Program Files\Common Files\Funk Software\" or "C:\Program Files (x86)\Common Files\Funk Software\" depending on the operating system version.
- Start the Steel-Belted Radius service and verify that the server starts by logging into the Web Admin.
Linux/Solaris:
- Stop the Steel-Belted Radius daemon by issuing the command ./sbrd stop from within the /opt/JNPRsbr/radius directory.
- Use the chmod command to change the permissions on the libraries to rwxr-xr-x. Issue the command chmod 755 *.so in the temporary directory.
- Once the daemon is stopped, copy the files in the temporary directory to /opt/JNPRsbr/radius/system/lib
- Start the Steel-Belted Radius daemon by issuing the command ./sbrd start from within the /opt/JNPRsbr/radius directory.
- Verify that the server has started by logging into the Web Admin.
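The Linux/Solaris copy step above, as an added example (not Juniper's own script) that also keeps a backup of each replaced library and confirms the installed files are byte-identical to the patched ones. The function name, the backup directory and the /tmp/sbr-patch path are assumptions; the SBR paths are the ones given in this article.

```shell
#!/bin/sh
# Added example: apply the patched libraries with a rollback copy and a post-copy check.
SBR_HOME=/opt/JNPRsbr/radius          # from the article
SBR_LIB="$SBR_HOME/system/lib"        # from the article

# install_patched_libs SRC_DIR DEST_DIR BACKUP_DIR   (hypothetical helper)
# Returns 0 only if every *.so from SRC_DIR ends up in DEST_DIR,
# byte-identical and with mode rwxr-xr-x. Returns 2 on setup errors, 1 on mismatch.
install_patched_libs() {
    src=$1; dest=$2; backup=$3
    [ -d "$src" ] && [ -d "$dest" ] || { echo "missing directory" >&2; return 2; }
    set -- "$src"/*.so
    [ -e "$1" ] || { echo "no *.so files in $src" >&2; return 2; }
    mkdir -p "$backup" || return 2
    for f in "$@"; do
        name=$(basename "$f")
        # Keep the library being replaced so the change can be rolled back.
        if [ -e "$dest/$name" ]; then
            cp -p "$dest/$name" "$backup/$name" || return 2
        fi
        chmod 755 "$f" || return 2            # rwxr-xr-x, as the article requires
        cp -p "$f" "$dest/$name" || return 2  # -p carries the mode to the copy
    done
    # Verify content and permissions of what is now installed.
    for f in "$@"; do
        name=$(basename "$f")
        cmp -s "$f" "$dest/$name" || { echo "content mismatch: $name" >&2; return 1; }
        mode=$(ls -ld "$dest/$name" | cut -c1-10)
        [ "$mode" = "-rwxr-xr-x" ] || { echo "wrong mode on $name: $mode" >&2; return 1; }
    done
    return 0
}

# Usage, run as the account that owns the SBR install (temporary and backup
# paths below are assumed):
#   cd "$SBR_HOME" && ./sbrd stop
#   install_patched_libs /tmp/sbr-patch "$SBR_LIB" /var/tmp/sbr-lib-backup \
#       && ./sbrd start
```

If the function returns non-zero, leave the daemon stopped and restore the files from the backup directory before starting it again.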