AlmaLinux 9 : freeradius (ALSA-2023:2166)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2166 advisory. - In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the siz...

Information Disclosure

freeradius is vulnerable to Information Disclosure. The vulnerability exists in the computepasswordelement function, which allows an attacker to substantially reduce the size of an offline dictionary attack, leaking information about the password...

CVE-2022-41859

In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...

CVE-2022-41859

In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...

CVE-2022-41859

CVE-2022-41859 affects the FreeRADIUS project. The vulnerability arises from the EAP-PWD function compute_password_element(), which leaks information about the password and enables an attacker to substantially reduce the size of an offline dictionary attack. Concrete details in connected sources ...

SUSE SLES15: freeradius-server / freeradius-server-devel / freeradius-server-doc / etc (SUSE-SU-2022:4626-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4626-1 advisory. - CVE-2022-41859: Fixes an information leakage in EAP-PWD bsc1206204. - CVE-2022-41860: Fixes a crash on unknown opti...