Vulnerability opens FreeRADIUS servers to unauthenticated attackers

Zeljka Zorz –


A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS.


                                         freeradius authentication bypass


There is currently no indication that the flaw is being exploited in the wild, but as the existence of the flaw has been made public, the likelihood of attacks rises.

The good news is the FreeRADIUS Development Team has plugged the hole in version 3.0.14 of the FreeRADIUS suite (pushed out on Friday), and administrators are advised to upgrade their installation as soon as possible.


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico