Hitachi Energy FOX61x

SUMMARY Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to...

From Consensus to Chaos: A Vulnerability Assessment of the RAFT Algorithm

In recent decades, the RAFT distributed consensus algorithm has become a main pillar of the distributed systems ecosystem, ensuring data consistency and fault tolerance across multiple nodes. Although the fact that RAFT is well known for its simplicity, reliability, and efficiency, its security...

EUVD-2018-6562

Malware in sbrugna...

DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective

The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...

TencentOS Server 2: freeradius (TSSA-2024:0379)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0379 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 3: krb5 (TSSA-2024:0803)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0803 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: freeradius (TSSA-2024:0492)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0492 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: krb5 (TSSA-2024:0862)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0862 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0159: freeradius:3.0 (ALINUX3-SA-2024:0159)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0159 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3596: RADIUS Protocol under RFC 2865 is...

Alibaba Cloud Linux 3 : 0239: krb5 (ALINUX3-SA-2024:0239)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0239 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3596: RADIUS Protocol under RFC 2865 is...

Fortinet Fortigate RADIUS Protocol CVE-2024-3596 (FG-IR-24-255)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-255 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...

Fortinet FortiWeb RADIUS Protocol CVE-2024-3596 (FG-IR-24-255)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-255 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...

Mageia: Security Advisory (MGASA-2024-0385)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.5.0.28.10-ENG.iso / Hotfix-BIGIP-16.1.5.1.0.13.7-ENG.iso / Hotfix-BIGIP-17.1.1.4.0.100.9-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141008...

Ubuntu 14.04 LTS / 16.04 LTS : XStream vulnerabilities (USN-6978-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6978-1 advisory. It was discovered that XStream incorrectly handled parsing of certain crafted XML documents. A remote attacker could possibly use this issue ...

Amazon Linux 2 : freeradius (ALAS-2024-2611)

The version of freeradius installed on the remote host is prior to 3.0.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2611 advisory. RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...

RADIUS Protocol Forgery Vulnerability (Blast-RADIUS)

In early July 2024, a group of security researchers found a vulnerability in the RADIUS protocol:CVE-2024-3596: RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by an on-path attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other...

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...