Lucene search
K

158 matches found

Cvelist
Cvelist
added 2021/02/01 1:13 p.m.22 views

CVE-2020-28194

Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution...

9.6AI score0.02702EPSS
Exploits0References2
CVE
CVE
added 2021/02/01 1:13 p.m.66 views

CVE-2020-28194

CVE-2020-28194 affects accel-ppp (radius/packet.c) where a variable underflow occurs when receiving a RADIUS vendor-specific attribute whose length field is less than 2. This can lead to arbitrary code execution if the attacker controls the RADIUS server, per the NVD description. Credible referen...

9.8CVSS9.6AI score0.02702EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.33 views

Virtuozzo 7 : freeradius / freeradius-devel / freeradius-doc / etc (VZLSA-2019-1131)

An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.5AI score0.07624EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.23 views

RHEL 8 : freeradius:3.0 (RHSA-2020:4799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4799 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized...

7.5CVSS7AI score0.02168EPSS
Exploits0References9
OSV
OSV
added 2020/11/03 12:37 p.m.33 views

RLSA-2020:4799 Moderate: freeradius:3.0 security and bug fix update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: eap-pwd: DoS issues due to multithreaded BNCTX access CVE-2019-17185 Fo...

7.5CVSS7.8AI score0.02168EPSS
Exploits0References5
NVD
NVD
added 2020/10/27 9:15 p.m.18 views

CVE-2019-8531

A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be truste...

9.8CVSS7.8AI score0.00792EPSS
Exploits0References3
Prion
Prion
added 2020/10/27 9:15 p.m.18 views

Input validation

A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be truste...

7.5CVSS7.4AI score0.00792EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2020/10/27 8:57 p.m.16 views

CVE-2019-8531

A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be truste...

7.8AI score0.00792EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/09/29 7:44 p.m.54 views

Moderate: Red Hat Security Advisory: freeradius security and bug fix update

An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.9AI score0.02168EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.33 views

EulerOS 2.0 SP3 : ppp (EulerOS-SA-2020-1426)

According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions.CVE-2020-8597 - Buffer overflo...

9.8CVSS8.6AI score0.19582EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2020/04/07 12:0 a.m.38 views

Palo Alto Expedition Cross-Site Scripting

Multiple cross-site scripting XSS vulnerability exists in Palo ALto Expedition Migration Tool in versions less than or equal to 1.1.8 due to improper validation of user-supplied input before returning it to users. - An authenticated remote attacker may be able to inject arbitrary JavaScript or HT...

4.8CVSS5.1AI score0.01083EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2019/11/27 12:0 a.m.16 views

EulerOS 2.0 SP8 : ppp (EulerOS-SA-2019-2298)

According to the version of the ppp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Buffer overflow in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp 2.4.6 and earlier, when the PID for pppd is greater than...

4.3CVSS8.2AI score0.05444EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.26 views

EulerOS 2.0 SP5 : ppp (EulerOS-SA-2019-2183)

According to the version of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting...

4.3CVSS8.1AI score0.05444EPSS
Exploits0References2
Fedora
Fedora
added 2019/08/13 1:59 a.m.25 views

[SECURITY] Fedora 29 Update: freeradius-3.0.19-3.fc29

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

7CVSS2.5AI score0.00345EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.26 views

RHEL 8 : freeradius:3.0 (RHSA-2019:1142)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1142 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow...

9.8CVSS7.8AI score0.07624EPSS
Exploits0References6
Fedora
Fedora
added 2019/04/23 8:15 p.m.36 views

[SECURITY] Fedora 29 Update: hostapd-2.7-2.fc29

hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground a nd acts as the backe...

8.1CVSS3.8AI score0.04989EPSS
Exploits0
Fedora
Fedora
added 2019/04/23 6:49 p.m.14 views

[SECURITY] Fedora 28 Update: freeradius-3.0.19-1.fc28

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

2.5AI score
Exploits0
Prion
Prion
added 2019/03/26 11:29 p.m.19 views

Design/Logic Flaw

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings...

3.5CVSS5AI score0.01083EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/03/26 11:29 p.m.24 views

CVE-2019-1571

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings...

4.8CVSS5AI score0.01083EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/03/26 10:8 p.m.27 views

CVE-2019-1571

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings...

5AI score0.01083EPSS
Exploits1References3
Rows per page
Query Builder