26 matches found
Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability
A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
July 9, 2024—KB5040438 (OS Build 25398.1009)
July 9, 2024—KB5040438 OS Build 25398.1009 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...
freeradius:3.0 security update
An update is available for freeradius, module.freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRADIUS is a high-performance and highly configurabl...
The vulnerability of the RADIUS protocol implementation (Remote Authentication in Dial-In User Service) of the Cisco Identity Services Engine (ISE) allows a perpetrator to cause service interruptions.
The vulnerability of the RADIUS protocol Remote Authentication in Dial-In User Service implementation of the Cisco Identity Services Engine ISE is related to errors in processing requests. Exploiting this vulnerability allows a malicious actor to cause service denial by sending a specially crafte...
The vulnerability of the RADIUS protocol implementation (Remote Authentication in Dial-In User Service) of the Cisco Identity Services Engine (ISE) allows a perpetrator to cause service interruptions.
The vulnerability of the RADIUS protocol implementation Remote Authentication in Dial-In User Service of the Cisco Identity Services Engine ISE is related to incorrect processing of RADIUS requests. Exploiting this vulnerability can allow a malicious actor to cause service failures...
3.0 bug fix update
An update is available for freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRADIUS is a high-performance and highly configurable free Remote...
Cisco IOS XE CTS PAC Configuration Denial of Service Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the Cisco TrustSec CTS Protected Access Credentials PAC configuration module of Cisco IOS XE. The vulnerability stems from improper validation of attributes in RADIUS...
CVE-2019-1029
A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To...
Skype for Business and Lync Server Denial of Service Vulnerability
A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To...
DEBIAN-CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
ALPINE-CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
Code injection
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
UBUNTU-CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
CVE-2018-17141
CVE-2018-17141 affects HylaFAX and HylaFAX+ where specially crafted JPEG input during fax page reception could trigger remote code execution due to missing input sanitising in the FaxModem data path. Public fixes exist: HylaFAX+ 5.6.1 (and later) mitigates the issue; Debian LTS advisory notes a f...
Description of the cumulative update package for Office Communications Server 2007 R2, Communicator Web Access: April 2010
Describes the issue that is fixed in the Office Communications Server 2007 R2, Communicator Web Access update package that is dated April 2010.SummaryThis article describes the Microsoft Office Communications Server 2007 R2, Microsoft Office Communicator Web Access issues that are fixed in the...