Описание
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.5+dfsg-3 |
| esm-infra/bionic | needed | |
| esm-infra/focal | released | 3.0.20+dfsg-3ubuntu0.4 |
| esm-infra/xenial | needed | |
| focal | released | 3.0.20+dfsg-3ubuntu0.4 |
| jammy | released | 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3 |
| mantic | ignored | end of life, was needed |
| noble | released | 3.2.5+dfsg-3~ubuntu24.04.1 |
| oracular | not-affected | 3.2.5+dfsg-3 |
| plucky | not-affected | 3.2.5+dfsg-3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.21.3-4ubuntu1 |
| esm-infra-legacy/trusty | released | 1.12+dfsg-2ubuntu5.4+esm6 |
| esm-infra/bionic | released | 1.16-2ubuntu0.4+esm3 |
| esm-infra/focal | released | 1.17-6ubuntu4.8 |
| esm-infra/xenial | released | 1.13.2+dfsg-5ubuntu2.2+esm6 |
| focal | released | 1.17-6ubuntu4.8 |
| jammy | released | 1.19.2-2ubuntu0.5 |
| noble | released | 1.20.1-6ubuntu2.3 |
| oracular | released | 1.21.3-3ubuntu0.1 |
| plucky | released | 1.21.3-4ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.0.0-1 |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| noble | needs-triage |
Показывать по
EPSS
9 Critical
CVSS3
Связанные уязвимости
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a ...
EPSS
9 Critical
CVSS3