38 matches found
Astra Linux – Vulnerability in krb5
The RADIUS protocol, as described in RFC 2865, is vulnerable to forgery attacks by local attackers who can modify any valid response—whether an Access-Accept, Access-Reject, or Access-Challenge response—into any other response, using a chosen-prefix collision attack against the MD5 Response...
Juniper Junos OS Vulnerability (JSA100056)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100056 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge t...
CLSA-2025-1743103421 freeradius: Fix of CVE-2024-3596
CVE-2024-3596: fix chosen-prefix collision attack against MD5 Response Authenticator signature that allowed malicious modification of valid RADIUS responses...
Mageia: Security Advisory (MGASA-2024-0385)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K000141008: RADIUS authentication vulnerability CVE-2024-3596
Security Advisory Description RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator...
F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.5.0.28.10-ENG.iso / Hotfix-BIGIP-16.1.5.1.0.13.7-ENG.iso / Hotfix-BIGIP-17.1.1.4.0.100.9-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141008...
Amazon Linux 2 : freeradius (ALAS-2024-2611)
The version of freeradius installed on the remote host is prior to 3.0.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2611 advisory. RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...
OESA-2024-1878 freeradius security update
Remote Authentication Dial-In User Service RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting AAA or Triple A management for users who connect and use a network service. Security Fixes: RADIUS Protocol under RFC 2865 is susceptible to forgery...
openSUSE Security Advisory (SUSE-SU-2024:2359-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2366-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2024-3596
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...
SUSE SLES15: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2366-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2366-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description...
SUSE SLES15: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2359-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2359-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description...
SUSE SLES15: freeradius-server / freeradius-server-devel / etc (SUSE-SU-2024:2367-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2367-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description block directly...
SUSE SLES12: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2024:2361-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2361-1 advisory. - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414. Tenable has extracted the preceding description block directly...
SUSE: Security Advisory (SUSE-SU-2024:2366-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:2367-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:2361-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2367-1 Security update for freeradius-server
This update for freeradius-server fixes the following issues: - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414...
SUSE-SU-2024:2366-1 Security update for freeradius-server
This update for freeradius-server fixes the following issues: - CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 bsc1223414...