Lucene search
GoogleOSV:CVE-2024-3596HistoryJul 09, 2024 - 12:15 p.m.
CVE-2024-3596
2024-07-0912:15:20
Google
osv.dev
5
cve-2024-3596
radius protocol
rfc 2865
forgery attacks
local attacker
chosen-prefix collision
md5 response authenticator
AI Score
6.8
Confidence
Low
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
References
www.openwall.com/lists/oss-security/2024/07/09/4
datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/
datatracker.ietf.org/doc/html/rfc2865
networkradius.com/assets/pdf/radius_and_md5_collisions.pdf
psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014
security-tracker.debian.org/tracker/CVE-2024-3596
www.blastradius.fail/
Related
redhat
redhat
(RHSA-2024:4829) Important: freeradius:3.0 security update
2024-07-24 12:41:34
(RHSA-2024:4828) Important: freeradius security update
2024-07-24 12:41:26
(RHSA-2024:4874) Important: freeradius:3.0 security update
2024-07-25 15:40:29
nvd
nvd
CVE-2024-3596
2024-07-09 12:15:20
nessus
nessus
RHEL 9 : freeradius (RHSA-2024:4912)
2024-07-31 00:00:00
F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)
2024-09-09 00:00:00
RHEL 9 : freeradius (RHSA-2024:4828)
2024-07-24 00:00:00
rocky
rocky
freeradius:3.0 security update
2024-08-01 01:28:22
freeradius security update
2024-08-01 01:29:16
debiancve
debiancve
CVE-2024-3596
2024-07-09 12:15:20
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-c395d8fef4)
2024-08-06 00:00:00
Mageia: Security Advisory (MGASA-2024-0264)
2024-07-15 00:00:00
openSUSE: Security Advisory for freeradius (SUSE-SU-2024:2359-1)
2024-07-12 00:00:00
cert
cert
RADIUS protocol susceptible to forgery attacks.
2024-07-09 00:00:00
github
github
BlastRADIUS also affects eduMFA
2024-07-17 16:01:37
githubexploit
githubexploit
Exploit for CVE-2024-3596
2024-07-09 19:44:40
cvelist
cvelist
osv
osv
Important: freeradius security update
2024-08-01 01:29:16
Important: freeradius:3.0 security update
2024-07-31 00:00:00
BlastRADIUS also affects eduMFA
2024-07-17 16:01:37
mscve
mscve
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
2024-07-09 07:00:00
cve
cve
CVE-2024-3596
2024-07-09 12:15:20
almalinux
almalinux
Important: freeradius security update
2024-07-31 00:00:00
Important: freeradius:3.0 security update
2024-07-31 00:00:00
oraclelinux
oraclelinux
freeradius security update
2024-07-31 00:00:00
freeradius:3.0 security update
2024-07-31 00:00:00
paloalto
paloalto
fedora
fedora
[SECURITY] Fedora 39 Update: freeradius-3.2.5-1.fc39
2024-07-18 04:06:37
arista
arista
Security Advisory 0101
2024-07-09 00:00:00
ubuntucve
ubuntucve
CVE-2024-3596
2024-07-09 00:00:00
ics
ics
Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC
2024-07-11 12:00:00
amazon
amazon
Important: freeradius
2024-08-01 03:01:00
redhatcve
redhatcve
CVE-2024-3596
2024-07-09 14:51:24
thn
thn
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
2024-07-09 12:39:00
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
2024-07-11 15:19:00
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited
2024-07-10 11:05:00
f5
f5
K000141008: RADIUS authentication vulnerability CVE-2024-3596
2024-09-10 00:00:00
vulnrichment
vulnrichment
cisco
cisco
RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024
2024-07-10 16:00:00
mageia
mageia
Updated freeradius packages fix security vulnerability
2024-07-14 08:23:38
mskb
mskb
July 9, 2024âKB5040490 (Security-only update)
2024-08-13 07:00:00
July 9, 2024âKB5040499 (Monthly Rollup)
2024-08-13 07:00:00
July 9, 2024âKB5040498 (Security-only update)
2024-08-13 07:00:00
kaspersky
kaspersky
KLA70412 Multiple vulnerabilities in Microsoft Products (ESU)
2024-07-09 00:00:00
KLA70416 Multiple vulnerabilities in Microsoft Windows
2024-07-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2024
2024-07-09 20:03:58