strongSwan numerical error vulnerability

strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. Versions of strongSwan prior to 6.0.3 contained a numeric...

SUSE-SU-2025:3873-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...

USN-7841-1 strongswan vulnerability

Xu Biang discovered that the strongSwan client incorrectly handled EAP-MSCHAPv2 failure requests. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly...

EUVD-2023-43628

Malicious code in bioql PyPI...

CVE-2023-39930

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

CVE-2023-39930

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

Authentication flaw

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

CVE-2023-39930 PingFederate PingID Radius PCV Authentication Bypass

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

CVE-2023-39930

CVE-2023-39930 describes a first-factor authentication bypass in PingFederate with PingID Radius PCV triggered by a maliciously crafted RADIUS MSCHAP authentication request. The impact stated across sources is a bypass of the first factor, potentially affecting authentication integrity and access...

CVE-2023-39930 PingFederate PingID Radius PCV Authentication Bypass

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

USN-2811-1 strongswan vulnerability

It was discovered that the strongSwan eap-mschapv2 plugin incorrectly handled state. A remote attacker could use this issue to bypass authentication...

Oracle Linux 6 : freeradius (ELSA-2015-1287)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1287 advisory. 2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug11893...

freeradius security, bug fix, and enhancement update

2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug1189386 radiusd fails to start after 'clean' installation 2.2.6-3 - Disable OpenSSL version check Resolves: Bug1189011 2.2.6-2 - Fix a number ...

CentOS 3 / 4 : freeradius (CESA-2006:0271)

Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...

freeradius security update

CentOS Errata and Security Advisory CESA-2006:0271 Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free...

security flaw

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service server crash via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module...

Important: Red Hat Security Advisory: freeradius security update

Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...

RHEL 3 / 4 : freeradius (RHSA-2006:0271)

Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...

DEBIAN-CVE-2006-1354

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service server crash via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module...