[afnog] Fwd: Blast-RADIUS attack

Noah noah at neo.co.tz
Tue Jul 9 16:28:59 UTC 2024


FYI Folks

Noah

---------- Forwarded message ---------
From: Sharon Goldberg <sharon.goldbe at gmail.com>
Date: Tue, 9 Jul 2024, 18:32
Subject: Blast-RADIUS attack
To: Nadia Heninger <nadiah at cs.ucsd.edu>, <nanog at nanog.org>


Hi Nanog

Today we announced a vulnerability in the RADIUS protocol, based on its
outdated use of the MD5 hash function. We wanted to share it with this list
because we suspect many NANOG folks could be operating RADIUS in their
networks (to control admin access to routers and switches and other
networking gear).

Our Blast-RADIUS attack allows a Man-in-the-Middle (MitM), with access to
RADIUS traffic, to gain unauthorized administrative access to the devices
using RADIUS clients for authentication. It does this without needing to
brute force or steal credentials or shared secrets. The attack has been
given a CVSS score of 9.0.

This attack works on all authentication modes of RADIUS/UDP apart from
those that use EAP. It exploits a protocol vulnerability that has been
present in the RADIUS specifications since the 1990s. We exploited the
vulnerability by developing an improved attack on the MD5 hash function.

The long-term fix is to run RADIUS over TLS. There are also short-term
patches for RADIUS/UDP. Vendors have released new mitigations against this
attack today.

Here’s some more info about the attack and its mitigations.

https://www.blastradius.fail/

https://blog.cloudflare.com/radius-udp-vulnerable-md5-attack/

https://www.inkbridgenetworks.com/blastradius

Thanks

Sharon Goldberg

(for the Blast-RADIUS team)

https://www.blastradius.fail/
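Added illustration for list readers who operate RADIUS (this is an editor's example, not part of Sharon Goldberg's message or the Blast-RADIUS team's material). The "short-term patches for RADIUS/UDP" the message refers to, without naming them, require the Message-Authenticator attribute (RFC 2869, type 80): an HMAC-MD5 keyed with the shared secret, as opposed to the 16-byte Response Authenticator, which is a plain MD5 over the packet and the secret and is the construction the attack targets. The script below builds an Access-Accept with and without that attribute and runs a verifier that classifies a reply as fully authenticated, MD5-only, or invalid, so you can see exactly what "require Message-Authenticator" checks. The shared secret and Request Authenticator are constructed sample values; the attribute layout follows RFC 2865/2869.

```python
import hashlib
import hmac
import struct

# Constructed sample values (not from the post): the NAS/server shared secret
# and the Request Authenticator of the Access-Request this reply answers.
SHARED_SECRET = b"example-shared-secret"
REQUEST_AUTH = bytes(range(16))

CODE_ACCESS_ACCEPT = 2
ATTR_REPLY_MESSAGE = 18
ATTR_MESSAGE_AUTHENTICATOR = 80


def encode_attr(attr_type: int, value: bytes) -> bytes:
    """RADIUS attribute TLV: Type(1) Length(1, counts the header) Value."""
    return bytes([attr_type, len(value) + 2]) + value


def parse_attrs(data: bytes) -> list:
    """Return [(type, value_offset, value)] or raise ValueError on malformed input."""
    attrs, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated attribute header")
        attr_type, length = data[i], data[i + 1]
        if length < 2 or i + length > len(data):
            raise ValueError("bad attribute length")
        attrs.append((attr_type, i + 2, data[i + 2:i + length]))
        i += length
    return attrs


def build_response(code: int, ident: int, attrs: list, secret: bytes,
                   request_auth: bytes, with_message_authenticator: bool = True) -> bytes:
    """Build a RADIUS response packet.

    1. Serialize attributes, appending a zeroed Message-Authenticator placeholder.
    2. Message-Authenticator = HMAC-MD5(secret, Code|ID|Length|RequestAuth|Attrs)
       (RFC 2869 s5.14: responses use the *Request* Authenticator here).
    3. Response Authenticator = MD5(Code|ID|Length|RequestAuth|Attrs|secret)
       computed over the packet with the Message-Authenticator filled in (RFC 2865 s3).
    """
    body = b"".join(encode_attr(t, v) for t, v in attrs)
    ma_offset = None
    if with_message_authenticator:
        ma_offset = len(body) + 2  # offset of the 16-byte MAC value inside the attributes
        body += encode_attr(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    if with_message_authenticator:
        mac = hmac.new(secret, header + request_auth + body, hashlib.md5).digest()
        body = body[:ma_offset] + mac + body[ma_offset + 16:]
    response_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + response_auth + body


def verify_response(packet: bytes, secret: bytes, request_auth: bytes) -> str:
    """Classify a response as a hardened client would.

    'ok'                       Response Authenticator and Message-Authenticator both valid
    'no-message-authenticator' only the plain-MD5 Response Authenticator checks out
    'invalid'                  malformed, or an authenticator does not verify
    """
    if len(packet) < 20:
        return "invalid"
    header, response_auth, body = packet[:4], packet[4:20], packet[20:]
    _code, _ident, length = struct.unpack("!BBH", header)
    if length != len(packet):
        return "invalid"
    try:
        attrs = parse_attrs(body)
    except ValueError:
        return "invalid"
    expected = hashlib.md5(header + request_auth + body + secret).digest()
    if not hmac.compare_digest(expected, response_auth):
        return "invalid"
    mas = [(off, v) for t, off, v in attrs if t == ATTR_MESSAGE_AUTHENTICATOR]
    if not mas:
        return "no-message-authenticator"
    off, value = mas[0]
    if len(value) != 16:
        return "invalid"
    zeroed = body[:off] + bytes(16) + body[off + 16:]
    mac = hmac.new(secret, header + request_auth + zeroed, hashlib.md5).digest()
    return "ok" if hmac.compare_digest(mac, value) else "invalid"


def demo() -> dict:
    """Build the same Access-Accept three ways and report the verifier's verdicts."""
    attrs = [(ATTR_REPLY_MESSAGE, b"Welcome")]
    hardened = build_response(CODE_ACCESS_ACCEPT, 7, attrs, SHARED_SECRET, REQUEST_AUTH)
    legacy = build_response(CODE_ACCESS_ACCEPT, 7, attrs, SHARED_SECRET, REQUEST_AUTH,
                            with_message_authenticator=False)
    tampered = bytearray(hardened)
    tampered[-1] ^= 0x01  # flip one bit inside the Message-Authenticator value
    return {
        "hardened": verify_response(hardened, SHARED_SECRET, REQUEST_AUTH),
        "legacy": verify_response(legacy, SHARED_SECRET, REQUEST_AUTH),
        "tampered": verify_response(bytes(tampered), SHARED_SECRET, REQUEST_AUTH),
        "wrong_request_auth": verify_response(hardened, SHARED_SECRET, bytes(16)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:>18}: {verdict}")
```

The "legacy" verdict is the one to watch for in your own deployment: a reply that only carries the MD5 Response Authenticator is what an unpatched server still sends and an unpatched client still accepts. In practice you do not write this check yourself; you turn on the vendor's enforcement (FreeRADIUS, for example, exposes a `require_message_authenticator` setting per client) and then confirm with a capture that every Access-Request and response on the wire carries attribute 80, while you plan the move to RADIUS over TLS that the message calls the long-term fix.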