CVE-2006-1354

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2006-1354

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-1354.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2006-1354

Downstream

DEBIAN-CVE-2006-1354

DSA-1089-1

RHSA-2006:0271

Published

2006-03-22T02:02:00Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.

References

ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://rhn.redhat.com/errata/RHSA-2006-0271.html
http://secunia.com/advisories/19300
http://secunia.com/advisories/19405
http://secunia.com/advisories/19518
http://secunia.com/advisories/19527
http://secunia.com/advisories/19811
http://secunia.com/advisories/20461
http://www.debian.org/security/2006/dsa-1089
http://www.mandriva.com/security/advisories?name=MDKSA-2006:060
http://www.vupen.com/english/advisories/2006/1016
http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html
http://securitytracker.com/id?1015795
http://www.freeradius.org/security.html
http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml
http://www.securityfocus.com/bid/17171
http://www.trustix.org/errata/2006/0020
https://exchange.xforce.ibmcloud.com/vulnerabilities/25352
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156

CVE-2006-1354

Affected packages