2 matches found
CLSA-2025-1743103421 freeradius: Fix of CVE-2024-3596
CVE-2024-3596: fix chosen-prefix collision attack against MD5 Response Authenticator signature that allowed malicious modification of valid RADIUS responses...
USN-7257-1 krb5 vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypas...