Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : freeradius-3.0.21-37.el9 (AXSA:2023-5499:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5499:02 advisory. freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on unknown option in EAP-SIM CVE-2022-41860 freeradius: Crash on invalid...

7.5CVSS5.6AI score0.01171EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/06/27 12:0 a.m.4 views

Debian: Security Advisory (DLA-4232-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01171EPSS
Exploits0References2
Debian
Debian
added 2025/06/26 2:37 p.m.15 views

[SECURITY] [DLA 4232-1] freeradius security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4232-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA June 26, 2025 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.01171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-41860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will...

7.5CVSS7.5AI score0.01171EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2023/10/11 3:2 a.m.19 views

CVE-2022-41860 affecting package freeradius for versions less than 3.2.3-1

CVE-2022-41860 affecting package freeradius for versions less than 3.2.3-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.2AI score0.01171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/20 12:0 a.m.25 views

AlmaLinux 8 : freeradius:3.0 (ALSA-2023:2870)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2870 advisory. freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on unknown option in EAP-SIM CVE-2022-41860 freeradius: Crash on invalid abina...

7.5CVSS6.9AI score0.01171EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/16 8:26 a.m.37 views

Moderate: Red Hat Security Advisory: freeradius:3.0 security update

An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.9AI score0.01171EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.40 views

Moderate: freeradius:3.0 security update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/05/09 9:50 a.m.38 views

Moderate: Red Hat Security Advisory: freeradius security and bug fix update

An update for freeradius is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.9AI score0.01171EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.35 views

Moderate: freeradius security and bug fix update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.35 views

Amazon Linux AMI : freeradius (ALAS-2023-1699)

The version of freeradius installed on the remote host is prior to 2.2.6-7.17. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1699 advisory. When an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionarie...

7.5CVSS7.4AI score0.01171EPSS
Exploits0References4
Amazon
Amazon
added 2023/03/07 12:0 a.m.27 views

Medium: freeradius

Issue Overview: When an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...

7.5CVSS7.8AI score0.01171EPSS
Exploits0
Amazon
Amazon
added 2023/03/06 12:0 a.m.31 views

Medium: freeradius

Issue Overview: The EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. CVE-2022-41859 When an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that optio...

7.5CVSS7.2AI score0.01171EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/02/25 12:0 a.m.58 views

Debian: Security Advisory (DLA-3342-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References4
Debian
Debian
added 2023/02/24 4:29 p.m.25 views

[SECURITY] [DLA 3342-1] freeradius security update

Debian LTS Advisory DLA-3342-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 24, 2023 https://wiki.debian.org/LTS Package : freeradius Version : 3.0.17+dfsg-1.1+deb10u2 CVE ID : CVE-2022-41859 CVE-2022-41860 CVE-2022-41861 Several flaws were found in...

7.5CVSS6.9AI score0.01171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.25 views

EulerOS 2.0 SP8 : freeradius (EulerOS-SA-2023-1312)

According to the versions of the freeradius package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionarie...

7.5CVSS6.7AI score0.01171EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/26 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2023:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References6
OSV
OSV
added 2023/01/25 10:20 a.m.7 views

SUSE-SU-2023:0135-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixed an issue in EAP-PWD that could leak information about the password, which could facilitate dictionary attacks bsc1206204. - CVE-2022-41860: Fixed a crash in servers with EAPSIM manually configured, which could b...

7.5CVSS6.7AI score0.01171EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2023/01/17 12:0 a.m.37 views

CVE-2022-41860

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...

7.5CVSS7.5AI score0.01171EPSS
Exploits0
CVE
CVE
added 2023/01/17 12:0 a.m.129 views

CVE-2022-41860

CVE-2022-41860 affects FreeRADIUS: when an EAP-SIM supplicant sends an unknown SIM option, the server looks it up in internal dictionaries, fails, but the SIM code dereferences a NULL pointer, crashing the server. Connected advisories confirm fixes in multiple distributions; Debian LTS/DLA adviso...

7.5CVSS7.3AI score0.01171EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder