freeradius: forgery attack

A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

The vulnerability lies in the implementation of the `mt_rand()` and `time()` functions in the pearweb package’s PHP classes from the PEAR library. This allows an attacker to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability in the implementation of the mtrand and time functions in the pearweb package’s PHP class library in the PEAR library is related to the use of an insufficiently secure MD5 encryption algorithm. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

OpenSSL < 0.9.8 Weak Message Digest Vulnerability

OpenSSL uses MD5 for creating message digests instead of a more cryptorgaphically strong algorithm. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...