FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
17702e54-3da0-11ec-b7e0-3085a9a95629pyrad -- multiple vulnerabilities

Nathaniel McCallum reports:

packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.


Discovery 2013-01-15
Entry 2021-11-05
py36-pyrad
py37-pyrad
py38-pyrad
py39-pyrad
py310-pyrad
lt 2.1

CVE-2013-0294
CVE-2013-0342
https://bugzilla.redhat.com/show_bug.cgi?id=911682
https://bugzilla.redhat.com/show_bug.cgi?id=911685