Skip to content

Top Best Ask Show New Jobs

Radius/UDP Considered Harmful (opens in new tab)

(blastradius.fail)

13 pointsshaananc1y ago1 comments

1 comments

1 comments · 1 top-level

royce1y ago

CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596

Nothing on oss-security list yet, but it'll appear here: https://www.openwall.com/lists/oss-security/2024/07/09/

Essential reading is this FAQ from DeKok, FreeRADIUS maintainer who revised the RADIUS UDP approach to mitigate: https://www.inkbridgenetworks.com/blastradius/faq

j / k navigate · click thread line to collapse