How To: Nitro API Authentication for RADIUS Access-Challenge Response

When NITRO API is used to manage or get information from a NetScaler, a session must be authenticated first. Depending on the authentication factors configured for NetScaler Management, different NITRO API resources should be used. If one of the authentication factors used, responds with a...

Fortinet Fortigate SSH authentication bypass when RADIUS authentication is used (FG-IR-22-255)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-255 advisory. - An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0...

CVE-2022-35843

An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...

OpenSSH 3.x - Challenge-Response Buffer Overflow (2)

source: https://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2 challenge-response mechanism. They...