Описание
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pyrad | fixed | 2.0-2 | package | |
| pyrad | fixed | 1.2-1+deb7u2 | wheezy | package |
| pyrad | fixed | 1.2-1+deb6u1 | squeeze | package |
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 6 лет назад
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
CVSS3: 5.9
nvd
около 6 лет назад
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
CVSS3: 5.9
github
почти 4 года назад
pyrad is vulnerable to the use of Insufficiently Random Values