FreeRADIUS EAP-MSCHAPv2 Authentication Bypass Vulnerability

FreeRADIUS is prone to an authentication-bypass vulnerability. The issue exists in the EAP-MSCHAPv2 state machine. Bypassing authentication could also cause the server to crash.

FreeRADIUS versions from 1.0.0 to 1.1.0 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus