11 matches found
Fedora 39 : krb5 (2024-862f5c4156)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-862f5c4156 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute; Marvin attack: Removal of the RSA method fo...
Fedora 40 : krb5 (2024-29a74ac2b0)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-29a74ac2b0 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute; Marvin attack: Removal of the RSA method fo...
Fedora: Security Advisory (FEDORA-2024-29a74ac2b0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : krb5 (2024-c0961d31b8)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c0961d31b8 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute; Marvin attack: Removal of the RSA method fo...
freeradius:3.0 security update
3.0.20-15 - Backport BlastRADIUS CVE fix; Resolves: RHEL-46572...
freeradius security update
3.0.21-40 - Backport fixes for BlastRADIUS CVE; Resolves: RHEL-46566...
GHSA-VHMJ-5Q9R-MM9G BlastRADIUS also affects eduMFA
Summary: BlastRADIUS (see blastradius.fail for details) also affects eduMFA prior to version 2.2.0, because the Message-Authenticator attributes were not checked. Details: Website with the vulnerability information: blastradius.fail. The original vulnerability has been assigned CVE-2024-3596. Case in vince...
BlastRADIUS also affects eduMFA
Summary: BlastRADIUS (see blastradius.fail for details) also affects eduMFA prior to version 2.2.0, because the Message-Authenticator attributes were not checked. Details: Website with the vulnerability information: blastradius.fail. The original vulnerability has been assigned CVE-2024-3596. Case in vince...
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its...
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allo...
Unfixed XSS vulnerability at www.blastradius.com
Security researcher MaXWeL submitted on 03/06/2007 a cross-site-scripting (XSS) vulnerability affecting www.blastradius.com, which at the time of submission ranked 148156 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/06/2007. It is...