42 matches found
EUVD-2012-4494
Malware in sbrugna...
EUVD-2012-4451
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-32642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and...
CVE-2012-4566
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spo...
Fedora: Security Advisory for radsecproxy (FEDORA-2021-a4be4c93e4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for radsecproxy (FEDORA-2021-d3f8193065)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: radsecproxy-1.9.0-1.fc34
radsecproxy is a generic RADIUS proxy that in addition to usual RADIUS UDP transport, also supports TLS RadSec, as well as RADIUS over TCP and DTLS. The aim is for the proxy to have sufficient features to be flexible, while at the same time to be small, efficient and easy to configure...
[SECURITY] Fedora 33 Update: radsecproxy-1.9.0-1.fc33
radsecproxy is a generic RADIUS proxy that in addition to usual RADIUS UDP transport, also supports TLS RadSec, as well as RADIUS over TCP and DTLS. The aim is for the proxy to have sufficient features to be flexible, while at the same time to be small, efficient and easy to configure...
Unauthorized Access
radsecproxy allows unauthorized access. Missing input validation in naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via malicious radsec peer discovery DNS records...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
UBUNTU-CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is affected by CVE-2021-32642 due to missing input validation in the internal dyndisc scripts naptr-eduroam.sh and radsec-dynsrv.sh, which can allow configuration injection via crafted radsec peer discovery DNS records. reported impacts include information disclosure, DoS, and the red...
CVE-2021-32642 Missing input validation in dynamic discovery example scripts.
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...
PT-2021-4266 · Unknown · Radsecproxy
Name of the Vulnerable Software and Affected Versions: radsecproxy affected versions not specified Description: The issue is related to missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts, which can lead to configuration injection via crafted radsec peer...
Radsecproxy 注入漏洞
Radsecproxy is a general-purpose RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. An injection vulnerability exists in Radsecproxy versions prior to 1.9, which stems from a lack of input validation in the naptr-eduroam.sh and radsec-dynsrv.sh scripts, and could lead to...
Vulnerabilities of the Debian GNU/Linux operating system, which allow a remote attacker to compromise the confidentiality and integrity of protected information
The Debian GNU/Linux operating system’s radsecproxy package contains multiple vulnerabilities that, if exploited, may lead to breaches of the confidentiality and integrity of protected information. These vulnerabilities can be exploited remotely...
CVE-2012-4523
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients...