FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
17702e54-3da0-11ec-b7e0-3085a9a95629	pyrad -- multiple vulnerabilities Nathaniel McCallum reports: packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. Discovery 2013-01-15 Entry 2021-11-05 py36-pyrad py37-pyrad py38-pyrad py39-pyrad py310-pyrad < 2.1 CVE-2013-0294 CVE-2013-0342 https://bugzilla.redhat.com/show_bug.cgi?id=911682 https://bugzilla.redhat.com/show_bug.cgi?id=911685

VuXML ID

Description

17702e54-3da0-11ec-b7e0-3085a9a95629

pyrad -- multiple vulnerabilities

Nathaniel McCallum reports:

packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.

Discovery 2013-01-15
Entry 2021-11-05
py36-pyrad
py37-pyrad
py38-pyrad
py39-pyrad
py310-pyrad

< 2.1

CVE-2013-0294
CVE-2013-0342
https://bugzilla.redhat.com/show_bug.cgi?id=911682
https://bugzilla.redhat.com/show_bug.cgi?id=911685