Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/LukaszOlejnik/statuses/112757029668127610">Lukasz Olejnik (lukaszolejnik@mastodon.social)'s status on Wednesday, 10-Jul-2024 07:29:58 JST</a><a href="https://mastodon.social/@LukaszOlejnik" title="lukaszolejnik@mastodon.social"><img src="https://gnusocial.jp/avatar/18834-48-20221107075922.webp" width="48" height="48" alt="Lukasz Olejnik" style="position: absolute; left: 0; top: 0;">Lukasz Olejnik</a></section><article><p>Critical vulnerability in RADIUS protocol (=everybody vulnerable) allows forging authentication messages and unauthorized network access. This flaw is due to the use of an obsolete MD5 hash function, and a novel chosen-prefix collision attack.<br>"If you are an end user, there is nothing that you can or should do"  <a href="https://www.blastradius.fail/pdf/radius.pdf" rel="nofollow noreferrer">https://www.blastradius.fail/pdf/radius.pdf</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3352745#notice-6600827">In conversation</a><time datetime="2024-07-10T07:29:58+09:00" title="Wednesday, 10-Jul-2024 07:29:58 JST">about 5 months ago</time> <span>from <span><a href="https://mastodon.social/@LukaszOlejnik/112757029668127610" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@LukaszOlejnik/112757029668127610">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2887668">Untitled attachment</a></label><br><a href="https://files.mastodon.social/media_attachments/files/112/757/017/019/755/891/original/8e28e6624bfae058.png" rel="external">https://files.mastodon.social/media_attachments/files/112/757/017/019/755/891/original/8e28e6624bfae058.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/2887669">Untitled attachment</a></label><br><a href="https://files.mastodon.social/media_attachments/files/112/757/023/880/797/095/original/25e517837b623c2f.png" rel="external">https://files.mastodon.social/media_attachments/files/112/757/023/880/797/095/original/25e517837b623c2f.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/2887670">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Lukasz Olejnik (lukaszolejnik@mastodon.social)'s status on Wednesday, 10-Jul-2024 07:29:58 JST Lukasz Olejnik
Critical vulnerability in RADIUS protocol (=everybody vulnerable) allows forging authentication messages and unauthorized network access. This flaw is due to the use of an obsolete MD5 hash function, and a novel chosen-prefix collision attack.
"If you are an end user, there is nothing that you can or should do" https://www.blastradius.fail/pdf/radius.pdf
In conversationabout 5 months ago from mastodon.socialpermalink
Attachments

Public

Embed Notice

HTML Code

Corresponding Notice