The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to induce a service failure.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

SUSE CVE-2005-0097

The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via a malformed NTLM type 3 message that triggers a NULL dereference...

SUSE CVE-2006-1354

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service server crash via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module...

SUSE CVE-2006-2213

Hostapd 0.3.7-2 allows remote attackers to cause a denial of service segmentation fault via an unspecified value in the keydatalength field of an EAPoL frame...

SUSE CVE-2009-0582

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...

SUSE CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

SUSE CVE-2015-5314

The eappwdprocess function in eapserver/eapserverpwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with 1 an internal EAP server or 2 a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote...

SUSE CVE-2015-5315

The eappwdprocess function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service process...

SUSE CVE-2015-8023

The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message...

SUSE CVE-2016-2141

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

SUSE CVE-2018-11574

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files...

SUSE CVE-2019-11555

The EAP-pwd implementation in hostapd EAP server before 2.8 and wpasupplicant EAP peer before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference denial ...

CVE-2023-21701

Microsoft Protected Extensible Authentication Protocol PEAP Denial of Service Vulnerability...

CVE-2023-21701

Microsoft Protected Extensible Authentication Protocol PEAP Denial of Service Vulnerability...

CVE-2023-21695

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

CVE-2023-21692

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...