Password Expiration Bypass Vulnerability in FreeRADIUS
CVE-2011-4966 · MEDIUM Severity
AV:N/AC:M/AU:S/C:P/I:P/A:P
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Learn more about our User Device Pen Test.