Tag: RADIUS

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
News

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

Researchers in cybersecurity have found a security flaw in the RADIUS network authentication protocol known as BlastRADIUS. In some situations, this flaw might be used by an attacker to launch Mallory-in-the-middle (MitM) attacks and evade integrity checks. According to InkBridge Networks CEO and FreeRADIUS Project inventor Alan DeKok, some Access-Request messages can be sent without any integrity or authentication checks because of the RADIUS protocol, the company claimed in a statement. An attacker can therefore alter these packets covertly. Any user could be forced to authenticate and granted any kind of authorization (VLAN, etc.) by the attacker. The client/server protocol known as RADIUS, or Remote Authentication Dial-In User Service, offers centralized authentication, autho...