EUVD-2015-0611

Malware in sbrugna...

MS15-007: Vulnerability in Network Policy Server RADIUS implementation could cause denial of service: January 13, 2015

MS15-007: Vulnerability in Network Policy Server RADIUS implementation could cause denial of service: January 13, 2015 Summary This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow denial of service on Internet Authentication Service IAS or...

MS15-007: Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)

The remote Windows host is affected by a denial of service vulnerability due to a failure to properly parse username queries on an Internet Authentication Service IAS or a Network Policy Server NPS. A remote, unauthenticated attacker, using specially crafted username strings, can exploit this to...

CVE-2001-1376

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data...

Re: More problems with RADIUS (protocol and implementations)

I note that the original message didn't cite my short message to Bugtraq about security issues with RADIUS: http://cert.uni-stuttgart.de/archive/bugtraq/2000/12/msg00332.html Some points in that message were also covered by Joshua, he added a number of good points, and missed a few others...