Lucene search
Ubuntu.comUB:CVE-2024-3596HistoryJul 09, 2024 - 12:00 a.m.
CVE-2024-3596
2024-07-0900:00:00
ubuntu.com
ubuntu.com
18
cve-2024-3596
forgery attacks
local attacker
chosen-prefix collision attack
md5 response authenticator
radius clients
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local
attacker who can modify any valid Response (Access-Accept, Access-Reject,
or Access-Challenge) to any other response using a chosen-prefix collision
attack against MD5 Response Authenticator signature.
Notes
| Author | Note |
|---|---|
| alexmurray | RADIUS clients may also be affected |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | freeradius | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | freeradius | <Â any | UNKNOWN |
| ubuntu | 22.04 | noarch | freeradius | <Â any | UNKNOWN |
| ubuntu | 24.04 | noarch | freeradius | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | freeradius | <Â any | UNKNOWN |
Related
redhat
redhat
(RHSA-2024:4829) Important: freeradius:3.0 security update
2024-07-24 12:41:34
(RHSA-2024:4911) Important: freeradius security update
2024-07-30 08:39:46
(RHSA-2024:4826) Important: freeradius:3.0 security update
2024-07-24 12:41:12
nvd
nvd
CVE-2024-3596
2024-07-09 12:15:20
nessus
nessus
RHEL 9 : freeradius (RHSA-2024:4912)
2024-07-31 00:00:00
F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)
2024-09-09 00:00:00
Rocky Linux 8 : freeradius:3.0 (RLSA-2024:4936)
2024-08-06 00:00:00
rocky
rocky
freeradius:3.0 security update
2024-08-01 01:28:22
freeradius security update
2024-08-01 01:29:16
debiancve
debiancve
CVE-2024-3596
2024-07-09 12:15:20
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-c395d8fef4)
2024-08-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2367-1)
2024-07-10 00:00:00
Mageia: Security Advisory (MGASA-2024-0264)
2024-07-15 00:00:00
cert
cert
RADIUS protocol susceptible to forgery attacks.
2024-07-09 00:00:00
github
github
BlastRADIUS also affects eduMFA
2024-07-17 16:01:37
githubexploit
githubexploit
Exploit for CVE-2024-3596
2024-07-09 19:44:40
almalinux
almalinux
Important: freeradius security update
2024-07-31 00:00:00
Important: freeradius:3.0 security update
2024-07-31 00:00:00
oraclelinux
oraclelinux
freeradius security update
2024-07-31 00:00:00
freeradius:3.0 security update
2024-07-31 00:00:00
paloalto
paloalto
fedora
fedora
[SECURITY] Fedora 39 Update: freeradius-3.2.5-1.fc39
2024-07-18 04:06:37
arista
arista
Security Advisory 0101
2024-07-09 00:00:00
osv
osv
Important: freeradius security update
2024-08-01 01:29:16
Important: freeradius:3.0 security update
2024-07-31 00:00:00
BlastRADIUS also affects eduMFA
2024-07-17 16:01:37
cvelist
cvelist
mscve
mscve
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
2024-07-09 07:00:00
cve
cve
CVE-2024-3596
2024-07-09 12:15:20
amazon
amazon
Important: freeradius
2024-08-01 03:01:00
ics
ics
Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC
2024-07-11 12:00:00
f5
f5
K000141008: RADIUS authentication vulnerability CVE-2024-3596
2024-09-10 00:00:00
redhatcve
redhatcve
CVE-2024-3596
2024-07-09 14:51:24
thn
thn
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
2024-07-09 12:39:00
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
2024-07-11 15:19:00
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited
2024-07-10 11:05:00
vulnrichment
vulnrichment
mageia
mageia
Updated freeradius packages fix security vulnerability
2024-07-14 08:23:38
cisco
cisco
RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024
2024-07-10 16:00:00
mskb
mskb
July 9, 2024âKB5040499 (Monthly Rollup)
2024-08-13 07:00:00
July 9, 2024âKB5040490 (Security-only update)
2024-08-13 07:00:00
July 9, 2024âKB5040498 (Security-only update)
2024-08-13 07:00:00
kaspersky
kaspersky
KLA70412 Multiple vulnerabilities in Microsoft Products (ESU)
2024-07-09 00:00:00
KLA70416 Multiple vulnerabilities in Microsoft Windows
2024-07-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2024
2024-07-09 20:03:58