RSS   Vulnerabilities for 'Pyrad'   RSS

2020-01-28
 
CVE-2013-0294

CWE-330
 

 
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

 
2019-12-09
 
CVE-2013-0342

CWE-20
 

 
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.

 


Copyright 2024, cxsecurity.com

 

Back to Top