CVE-2021-32642 – Missing input validation in dynamic discovery example scripts.
https://notcve.org/view.php?id=CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Information disclosure, Denial of Service, Redirection of Radius connection to a non-authenticated server leading to non-authenticated network access. Updated example scripts are available in the master branch and 1.9 release. Note that the scripts are not part of the installation package and are not updated automatically. • https://github.com/radsecproxy/radsecproxy/security/advisories/GHSA-56gw-9rj9-55rc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOC5AFG65NYLMMUTNSBOPC5F4LBAC7BR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7QK5M2SZVMCAFSRQMM6PRZZRQQ372XI https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2012-4566
https://notcve.org/view.php?id=CVE-2012-4566
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523. El soporte DTLS en radsecproxy antes de v1.6.2 no verifica correctamente certificados cuando hay bloques de configuración con la configuración de CA que no están relacionados con el bloque que está siendo utilizado para comprobar la cadena de certificados, lo que podría permitir a atacantes remotos evitar las restricciones de acceso previstas y suplantar clientes, una vulnerabilidad diferente a CVE-2012-4523. • http://git.nordu.net/?p=radsecproxy.git%3Ba=commit%3Bh=3682c935facf5ccd7fa600644bbb76957155c680 http://secunia.com/advisories/51251 http://www.debian.org/security/2012/dsa-2573 http://www.openwall.com/lists/oss-security/2012/10/17/7 http://www.openwall.com/lists/oss-security/2012/10/31/6 https://postlister.uninett.no/sympa/arc/radsecproxy/2012-09/msg00001.html https://postlister.uninett.no/sympa/arc/radsecproxy/2012-10/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-4523
https://notcve.org/view.php?id=CVE-2012-4523
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients. radsecproxy antes de v1.6.1 no verifica correctamente certificados cuando hay bloques de configuración con la configuración de CA que no están relacionados con el bloque que está siendo utilizado para comprobar la cadena de certificados, lo que podría permitir a atacantes remotos evitar las restricciones de acceso previstas y suplantar clientes. • http://secunia.com/advisories/51251 http://www.debian.org/security/2012/dsa-2573 http://www.openwall.com/lists/oss-security/2012/10/17/7 http://www.openwall.com/lists/oss-security/2012/10/31/6 http://www.securityfocus.com/bid/56105 https://postlister.uninett.no/sympa/arc/radsecproxy/2012-09/msg00001.html https://postlister.uninett.no/sympa/arc/radsecproxy/2012-09/msg00006.html https://project.nordu.net/browse/RADSECPROXY-43 • CWE-264: Permissions, Privileges, and Access Controls •