FWIW, this "vulnerability" was being exploited as early as 2003 when certain ADSL routers had a defect that caused them to overwhelm authentication servers that still had forking modes of operation best suited to a dialup environment. Basically if they were denied authentication the routers would immediately retry with the same credentials, at a rate of about 15 times per second.
We would forge "accept" packets to quarantine the dirty routers as a way of resolving a race condition that otherwise created a cascading denial of service. Not long after we switched to using Radiator, which didn't have this problem.

I don't believe that anyone ever expected UDP RADIUS packets to traverse public networks, although I suppose I am not surprised this needs to be announced as a threat.

John

On Thu, 11 Jul 2024 at 12:19, David Beveridge <[email protected]> wrote:
> CVE-2024-3596
>
> https://www.helpnetsecurity.com/2024/07/09/blastradius-radius-protocol-vulnerability/
> _______________________________________________
> AusNOG mailing list
> [email protected]
> https://lists.ausnog.net/mailman/listinfo/ausnog
