Описание
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (исключая)
cpe:2.3:a:pyrad_project:pyrad:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.0129
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 4.3
ubuntu
около 6 лет назад
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.
CVSS3: 4.3
debian
около 6 лет назад
The CreateID function in packet.py in pyrad before 2.1 uses sequential ...
EPSS
Процентиль: 79%
0.0129
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20