Back to search
CVE-2012-4741
Published: Aug 31, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof user identities via the User-Name RADIUS attribute.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[Packetfence-announce] 20120413 PacketFence 3.3.0 released!
mailing-list
x_refsource_MLIST
packetfence-radius-spoofing(78868)
vdb-entry
x_refsource_XF
http://www.packetfence.org/bugs/view.php?id=1390
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now