Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-1354

Published: 22/03/2006 Updated: 11/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Freeradius

Vulnerability Summary

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote malicious users to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.

Vulnerable Product Search on Vulmon Subscribe to Product

freeradius freeradius 1.0.5

freeradius freeradius 1.1.0

freeradius freeradius 1.0.0

freeradius freeradius 1.0.3

freeradius freeradius 1.0.4

freeradius freeradius 1.0.1

freeradius freeradius 1.0.2

Vendor Advisories

Debian CVElist Bug Report Logs: [CVE-2006-1354] EAP-MSCHAPv2 vulnerability
Debian Bug report logs - #359042 [CVE-2006-1354] EAP-MSCHAPv2 vulnerability Package: freeradius; Maintainer for freeradius is Debian FreeRADIUS Packaging Team <pkg-freeradius-maintainers@listsaliothdebianorg>; Source for freeradius is src:freeradius (PTS, buildd, popcon) Reported by: Florian Weimer <fw@denebenyode&gt ...
Debian Security Advisories: DSA-1089-1 freeradius -- several vulnerabilities
Several problems have been discovered in freeradius, a high-performance and highly configurable RADIUS server The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4744 SuSE researchers have discovered several off-by-one errors may allow remote attackers to cause a denial of service and possibly ...

References

NVD-CWE-Otherhttp://www.freeradius.org/security.htmlhttp://secunia.com/advisories/19300http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.htmlhttp://www.securityfocus.com/bid/17171http://securitytracker.com/id?1015795http://secunia.com/advisories/19405http://www.trustix.org/errata/2006/0020http://www.gentoo.org/security/en/glsa/glsa-200604-03.xmlhttp://rhn.redhat.com/errata/RHSA-2006-0271.htmlhttp://secunia.com/advisories/19518http://secunia.com/advisories/19527ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.aschttp://secunia.com/advisories/19811http://www.debian.org/security/2006/dsa-1089http://secunia.com/advisories/20461http://www.mandriva.com/security/advisories?name=MDKSA-2006:060http://www.vupen.com/english/advisories/2006/1016https://exchange.xforce.ibmcloud.com/vulnerabilities/25352https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359042https://nvd.nist.govhttps://www.debian.org/security/./dsa-1089
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook