Unrated severityNVD Advisory· Published Mar 22, 2006· Updated Apr 16, 2026
CVE-2006-1354
CVE-2006-1354
Description
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
Affected products
7cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- secunia.com/advisories/19300nvdPatchVendor Advisory
- patches.sgi.com/support/free/security/advisories/20060404-01-U.ascnvd
- lists.suse.de/archive/suse-security-announce/2006-Mar/0009.htmlnvd
- rhn.redhat.com/errata/RHSA-2006-0271.htmlnvd
- secunia.com/advisories/19405nvd
- secunia.com/advisories/19518nvd
- secunia.com/advisories/19527nvd
- secunia.com/advisories/19811nvd
- secunia.com/advisories/20461nvd
- securitytracker.com/idnvd
- www.debian.org/security/2006/dsa-1089nvd
- www.freeradius.org/security.htmlnvd
- www.gentoo.org/security/en/glsa/glsa-200604-03.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/17171nvd
- www.trustix.org/errata/2006/0020nvd
- www.vupen.com/english/advisories/2006/1016nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25352nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156nvd
News mentions
0No linked articles in our index yet.