142 matches found
KB5040456: Windows Server 2012 R2 Security Update (July 2024)
The remote Windows host is missing security update 5040456. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040437: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (July 2024)
The remote Windows host is missing security update 5040437. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
RADIUS protocol susceptible to forgery attacks.
Overview A vulnerability in the RADIUS protocol allows an attacker allows an attacker to forge an authentication response in cases where a Message-Authenticator attribute is not required or enforced. This vulnerability results from a cryptographically insecure integrity check when validating...
KB5040430: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2024)
The remote Windows host is missing security update 5040430. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040431: Windows 11 version 21H2 Security Update (July 2024)
The remote Windows host is missing security update 5040431. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040442: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (July 2024)
The remote Windows host is missing security update 5040442. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040427: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (July 2024)
The remote Windows host is missing security update 5040427. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
CVE-2023-39930
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...
Vulnerability fixed in Cisco Identity Services Engine
Cisco has fixed a vulnerability in Identity Services Engine. An unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service. The vulnerability is located in the way RADIUS is processed. Sending specially prepared RADIUS packets can cause the system stop processin...
SUSE CVE-2022-41861
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...
[SECURITY] Fedora 36 Update: freeradius-3.0.26-1.fc36
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...
Fedora: Security Advisory for freeradius (FEDORA-2022-98832b2cc2)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
UBUNTU-CVE-2022-41861
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...
PT-2022-6503 · Wind River · Vxworks
Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through 7 Description: The issue allows a specifically crafted packet sent by a Radius server to cause Denial of Service during the IP Radius access procedure. This is related to the execution of a loop with an...
CVE-2022-41097
Network Policy Server NPS RADIUS Protocol Information Disclosure Vulnerability...
CVE-2022-41056
Network Policy Server NPS RADIUS Protocol Denial of Service Vulnerability...
CVE-2022-41097
Network Policy Server NPS RADIUS Protocol Information Disclosure Vulnerability...
CVE-2022-41056
Network Policy Server NPS RADIUS Protocol Denial of Service Vulnerability...
CVE-2022-41097 Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
...
KLA20047 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...