GHSA-W4PX-9PGM-P2F3 pyrad uses sequential packet IDs

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...

CVE-2013-0342

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...

CVE-2013-0342

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...

Ubuntu 14.04 LTS : NTP vulnerabilities (USN-2567-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2567-1 advisory. Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof...

CVE-2014-5409

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers ISNs, which makes it easier for remote attackers to spoof packets by predicting these values...

pyrad -- multiple vulnerabilities

Nathaniel McCallum reports: packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. The CreateID function in packet.py in pyrad before 2.1 uses...

CVE-2006-5213

Sun Solaris 10 prior to 20061006 is affected by CVE-2006-5213 due to incorrect and insufficient permission checks when a local user creates a raw socket on a link aggregation device, enabling interception or spoofing of packets. The vulnerability arises from how the kernel handles raw sockets on ...