Lucene search
+L

38 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in krb5

The RADIUS protocol, as described in RFC 2865, is vulnerable to forgery attacks by local attackers who can modify any valid response—whether an Access-Accept, Access-Reject, or Access-Challenge response—into any other response, using a chosen-prefix collision attack against the MD5 Response...

9CVSS7.8AI score0.14859EPSS
Exploits2References2
nessus
nessus
added 2026/04/08 12:0 a.m.13 views

Juniper Junos OS Vulnerability (JSA100056)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100056 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge t...

9CVSS7AI score0.14859EPSS
Exploits2References2
osv
osv
added 2025/03/27 7:23 p.m.8 views

CLSA-2025-1743103421 freeradius: Fix of CVE-2024-3596

CVE-2024-3596: fix chosen-prefix collision attack against MD5 Response Authenticator signature that allowed malicious modification of valid RADIUS responses...

9CVSS7.3AI score0.14859EPSS
Exploits2References1
openvas
openvas
added 2024/12/03 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2024-0385)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS9.7AI score0.14859EPSS
Exploits2References4
f5
f5
added 2024/09/09 10:1 p.m.62 views

K000141008: RADIUS authentication vulnerability CVE-2024-3596

Security Advisory Description RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator...

9CVSS7.2AI score0.14859EPSS
Exploits2Affected Software16
nessus
nessus
added 2024/09/09 12:0 a.m.48 views

F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.5.0.28.10-ENG.iso / Hotfix-BIGIP-16.1.5.1.0.13.7-ENG.iso / Hotfix-BIGIP-17.1.1.4.0.100.9-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141008...

9CVSS8AI score0.14859EPSS
Exploits2References2
nessus
nessus
added 2024/08/17 12:0 a.m.36 views

Amazon Linux 2 : freeradius (ALAS-2024-2611)

The version of freeradius installed on the remote host is prior to 3.0.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2611 advisory. RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...

9CVSS8AI score0.14859EPSS
Exploits2References4
osv
osv
added 2024/07/19 11:8 a.m.7 views

OESA-2024-1878 freeradius security update

Remote Authentication Dial-In User Service RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting AAA or Triple A management for users who connect and use a network service. Security Fixes: RADIUS Protocol under RFC 2865 is susceptible to forgery...

9CVSS6.8AI score0.14859EPSS
Exploits2References2
openvas
openvas
added 2024/07/12 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:2366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.6AI score0.14859EPSS
Exploits2References4
openvas
openvas
added 2024/07/12 12:0 a.m.25 views

openSUSE Security Advisory (SUSE-SU-2024:2359-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.6AI score0.14859EPSS
Exploits2References4
susecve
susecve
added 2024/07/10 3:37 a.m.4 views

SUSE CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

7.3CVSS8.1AI score0.14859EPSS
Exploits2References11
openvas
openvas
added 2024/07/10 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2024:2366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.6AI score0.14859EPSS
Exploits2References4
openvas
openvas
added 2024/07/10 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2024:2361-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.6AI score0.14859EPSS
Exploits2References4
nessus
nessus
added 2024/07/10 12:0 a.m.30 views

SUSE SLES15: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2359-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2359-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description...

9CVSS7.5AI score0.14859EPSS
Exploits2References4
nessus
nessus
added 2024/07/10 12:0 a.m.28 views

SUSE SLES15: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2366-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2366-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description...

9CVSS7.5AI score0.14859EPSS
Exploits2References4
nessus
nessus
added 2024/07/10 12:0 a.m.23 views

SUSE SLES12: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2361-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2361-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description block directly...

9CVSS7.5AI score0.14859EPSS
Exploits2References4
nessus
nessus
added 2024/07/10 12:0 a.m.17 views

SUSE SLES15: freeradius-server / freeradius-server-devel / etc (SUSE-SU-2024:2367-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2367-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description block directly...

9CVSS7.5AI score0.14859EPSS
Exploits2References4
openvas
openvas
added 2024/07/10 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2024:2367-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.6AI score0.14859EPSS
Exploits2References4
osv
osv
added 2024/07/09 2:5 p.m.11 views

SUSE-SU-2024:2367-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414...

9CVSS9.2AI score0.14859EPSS
Exploits2References3
osv
osv
added 2024/07/09 2:4 p.m.7 views

SUSE-SU-2024:2366-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414...

9CVSS9.2AI score0.14859EPSS
Exploits2References3
Rows per page
Query Builder