Critical vulnerability in RADIUS protocol (=everybody vulnerable) allows forging authentication messages and unauthorized network access. This flaw is due to the use of an obsolete MD5 hash function, and a novel chosen-prefix collision attack.
"If you are an end user, there is nothing that you can or should do" https://www.blastradius.fail/pdf/radius.pdf
Conversation
Notices
-
Embed this notice
Lukasz Olejnik (lukaszolejnik@mastodon.social)'s status on Wednesday, 10-Jul-2024 07:29:58 JST Lukasz Olejnik