freeradius: forgery attack

A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

EUVD-2024-32175

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

Information disclosure

The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service device reload via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693...

CVE-2015-0598

The CVE-2015-0598 entry describes a denial-of-service in Cisco IOS/IOS XE due to the RADIUS implementation when processing crafted IPv6 Attributes in Access-Accept packets (Bug IDs CSCur84322 and CSCur27693). Affected products are Cisco IOS and IOS XE; the issue enables remote attackers to trigge...

Cisco IOS and IOS XE RADIUS Implementation Denial of Service Vulnerability

Cisco IOS and IOS-XE are both operating systems developed by Cisco for its network devices. A security vulnerability exists in the RADIUS implementation of Cisco IOS and IOS XE. A remote attacker could exploit this vulnerability to cause a denial of service device reload with the help of speciall...