Lucene search
+L

52 matches found

Akamai Blog
Akamai Blog
added 2021/03/09 4:30 p.m.18 views

Finding the Best Servers to Answer Queries -- Edge DNS and Anycast

TL;DR IP Anycast is a network addressing and routing methodology that allows IP addresses to be announced from multiple points on the internet With the proper implementation, Anycast can reduce DNS RTTs and offer innate DDoS protection Akamai's authoritative name service, Edge DNS, combines globa...

0.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/08/30 12:0 a.m.3 views

August 30, 2018—KB4343893 (OS Build 16299.637)

None None...

6.1AI score
Exploits0
Kitploit
Kitploit
added 2018/05/10 9:49 p.m.16 views

FreeRADIUS Server Configuration Tool

Developed for the Linux operating system and written in the python programming language. The purpose of the program is to configure the FreeRADIUS server easily and quickly. To get a grasp of what FreeRADIUS is, it would help to firstly understand what the concept RADIUS stands for: RADIUS : RADI...

8.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/06/28 12:0 a.m.21 views

GLSA-201706-27 : FreeRADIUS: Security bypass

The remote host is affected by the vulnerability described in GLSA-201706-27 FreeRADIUS: Security bypass It was discovered that the implementation of TTLS and PEAP in FreeRADIUS skips inner authentication when it handles a resumed TLS connection. The affected versions of FreeRADIUS fails to...

9.8CVSS7.9AI score0.03914EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2017/06/27 12:0 a.m.77 views

FreeRADIUS: Security bypass

Background FreeRADIUS is an open source RADIUS authentication server. Description It was discovered that the implementation of TTLS and PEAP in FreeRADIUS skips inner authentication when it handles a resumed TLS connection. The affected versions of FreeRADIUS fails to reliably prevent the...

9.8CVSS9.8AI score0.03914EPSS
Exploits0
Prion
Prion
added 2017/05/29 5:29 p.m.13 views

Authentication flaw

The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PE...

7.5CVSS9.5AI score0.03914EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/05/29 5:29 p.m.30 views

CVE-2017-9148

The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PE...

9.8CVSS7.2AI score
Exploits0References6
Debian CVE
Debian CVE
added 2017/05/29 5:0 p.m.26 views

CVE-2017-9148

The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PE...

9.8CVSS9.8AI score0.03914EPSS
Exploits0
CVE
CVE
added 2017/05/29 5:0 p.m.95 views

CVE-2017-9148

The vulnerability CVE-2017-9148 affects FreeRADIUS: TLS session cache allows resumption of an unauthenticated TLS session, bypassing inner authentication for PEAP/TTLS. Affected versions include FreeRADIUS 2.1.1–2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04. Imp...

9.8CVSS9.5AI score0.03914EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2017/05/29 12:0 a.m.27 views

CVE-2017-9148

The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PE...

9.8CVSS7.1AI score0.03914EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2017/02/03 12:0 a.m.51 views

FreeRADIUS -- TLS resumption authentication bypass

Stefan Winter reports: The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PEAP or TTLS...

9.8CVSS5.6AI score0.03914EPSS
Exploits0References3
n0where
n0where
added 2017/01/31 6:50 a.m.44 views

DNS Poisoning Attacks Made Easy: Judas DNS

DNS Poisoning Attacks Made Easy A DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation. Judas works by proxying all DNS queries to the legitimate nameservers for a domain. The magic comes with Judas’s rule configurations which allow you to...

0.8AI score
Exploits0References2
n0where
n0where
added 2016/04/12 10:19 p.m.1953 views

Access Point Impersonation Attacks: hostapd-wpe

hostapd-wpe – Wireless Pwnage Edition – hostapd-wpe is the replacement for FreeRADIUS-WPE . It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable...

5CVSS0.1AI score0.99999EPSS
Exploits90References2
The Hacker News
The Hacker News
added 2013/04/24 3:50 p.m.14 views

Who Needs a Botnet when you have a 4 Gbps DDoS Cannon?

In recent months the DDoS world has shifted from complex small scale Botnet attacks to much larger network based DDoS attacks, perpetrated largely by hijacked web servers. How many of these hijacked servers are out there remains to be seen. However, Incapsula recently got a very good idea of just...

6.6AI score
Exploits0
OpenVAS
OpenVAS
added 2011/12/05 12:0 a.m.33 views

SuSE Update for NetworkManager, wpa_supplicant, NetworkManager-gnome SUSE-SA:2011:045

Check for the Version of NetworkManager, wpasupplicant, NetworkManager-gnome OpenVAS Vulnerability Test SuSE Update for NetworkManager, wpasupplicant, NetworkManager-gnome SUSE-SA:2011:045 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.ne...

6.6AI score0.00884EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.19 views

Mandriva Update for freeradius MDKSA-2007:085 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDKSA-2007:085 freeradius Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

5CVSS6.4AI score0.02476EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.22 views

Mandriva Update for freeradius MDKSA-2007:085 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDKSA-2007:085 freeradius Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

5CVSS6.4AI score0.02476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.24 views

openSUSE 10 Security Update : freeradius (freeradius-3286)

A memory leak in the code for handling EAP-TTLS tunnels could be exploited by attackers to crash freeradius CVE-2007-2028. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update freeradius-3286. The...

5CVSS5.4AI score0.02476EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/05/16 12:0 a.m.23 views

Fedora Core 6 : freeradius-1.1.3-2.fc6 (2007-499)

Wed May 9 2007 Thomas Woerner 1.1.3-2.fc6 - fixed CVE-2007-2028: EAP-TTLS denial of service Resolves: rhbz236248 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

5CVSS5.3AI score0.02476EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2007/05/10 12:0 a.m.34 views

Moderate: freeradius security update

1.0.1-3.RHEL4.5 - fixed CVE-2007-2028: EAP-TTLS denial of service Resolves: rhbz236247...

5CVSS2.2AI score0.02476EPSS
Exploits0
Rows per page
Query Builder