CVE-2006-1354

Published: Mar 22, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-200604-03

vendor-advisory

x_refsource_GENTOO

freeradius-eap-mschapv2-auth-bypass(25352)

vdb-entry

x_refsource_XF

19300

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2006:019

vendor-advisory

x_refsource_SUSE

17171

vdb-entry

x_refsource_BID

20461

third-party-advisory

x_refsource_SECUNIA

19405

third-party-advisory

x_refsource_SECUNIA

19811

third-party-advisory

x_refsource_SECUNIA

ADV-2006-1016

vdb-entry

x_refsource_VUPEN

oval:org.mitre.oval:def:10156

vdb-entry

signature

x_refsource_OVAL

http://www.freeradius.org/security.html

x_refsource_CONFIRM

DSA-1089

vendor-advisory

x_refsource_DEBIAN

1015795

vdb-entry

x_refsource_SECTRACK

RHSA-2006:0271

vendor-advisory

x_refsource_REDHAT

19527

third-party-advisory

x_refsource_SECUNIA

2006-0020

vendor-advisory

x_refsource_TRUSTIX

MDKSA-2006:060

vendor-advisory

x_refsource_MANDRIVA

19518

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-1354

Description

Affected Products

References