CVE-2022-41859

Опубликовано: 17 янв. 2023

Источник: debian

EPSS Низкий

Описание

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
freeradius	fixed	3.2.0+dfsg-1		package

Примечания

https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f912ad2da8ac6e176ac3a606333469937 (release_3_0_26)

EPSS

Процентиль: 36%

0.00148

Низкий

Связанные уязвимости

CVE-2022-41859

CVSS3: 7.5

ubuntu

больше 2 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CVE-2022-41859

CVSS3: 7.5

redhat

больше 3 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CVE-2022-41859

CVSS3: 7.5

nvd

больше 2 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

GHSA-cmvm-c7qf-pmc5

CVSS3: 7.5

github

больше 2 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

SUSE-SU-2023:0135-1

suse-cvrf

больше 2 лет назад

Security update for freeradius-server

EPSS

Процентиль: 36%

0.00148

Низкий