Predictable Random Number Generation in PPP Access Concentrator (PPPAC) Allows Remote Bypass of RADIUS Authentication

Predictable Random Number Generation in PPP Access Concentrator (PPPAC) Allows Remote Bypass of RADIUS Authentication

CVE-2013-4708 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:N

The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.

Learn more about our Web Application Penetration Testing UK.