The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.freeradius.org/security.html#1.1.0 http://secunia.com/advisories/19300/ http://www.vuxml.org/freebsd/37a5c10f-bf56-11da-b0e9-00123ffe8333.html

The following package is affected: freeradius CVE-2006-1354 Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via 'Insufficient input validation' in the EAP-MSCHAPv2 state machine module.