Authentication Bypass Vulnerability in login_radius on OpenBSD
CVE-2004-2163 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies.
Learn more about our Cis Benchmark Audit For Server Software.