Описание
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
Ссылки
- Mailing List
- Technical Description
- Technical Description
- Third Party Advisory
- Third Party Advisory
- Technical Description
- Mailing List
- Technical Description
- Technical Description
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Technical Description
Уязвимые конфигурации
Одно из
EPSS
9 Critical
CVSS3
Дефекты
Связанные уязвимости
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a ...
EPSS
9 Critical
CVSS3