Untriaged
packet.py in pyrad before 2.1 uses weak random numbers to …
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
References
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677… x_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=911682 x_refsource_CONFIRM
- https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5 x_refsource_CONFIRM
- http://www.securityfocus.com/bid/57984 x_refsource_MISC
- http://www.openwall.com/lists/oss-security/2013/02/15/13 x_refsource_MISC
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82133 x_refsource_MISC
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567… x_refsource_CONFIRM
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705… x_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=911682 x_refsource_CONFIRM x_transferred
- https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5 x_refsource_CONFIRM x_transferred
- http://www.securityfocus.com/bid/57984 x_refsource_MISC x_transferred
- http://www.openwall.com/lists/oss-security/2013/02/15/13 x_refsource_MISC x_transferred
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82133 x_refsource_MISC x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567… x_refsource_CONFIRM x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705… x_refsource_CONFIRM x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677… x_refsource_CONFIRM x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=911682 x_refsource_CONFIRM
- https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5 x_refsource_CONFIRM
- http://www.securityfocus.com/bid/57984 x_refsource_MISC
- http://www.openwall.com/lists/oss-security/2013/02/15/13 x_refsource_MISC
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82133 x_refsource_MISC
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567… x_refsource_CONFIRM
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705… x_refsource_CONFIRM
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677… x_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=911682 x_refsource_CONFIRM x_transferred
- https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5 x_refsource_CONFIRM x_transferred
- http://www.securityfocus.com/bid/57984 x_refsource_MISC x_transferred
- http://www.openwall.com/lists/oss-security/2013/02/15/13 x_refsource_MISC x_transferred
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82133 x_refsource_MISC x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567… x_refsource_CONFIRM x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705… x_refsource_CONFIRM x_transferred
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677… x_refsource_CONFIRM x_transferred
Affected products
pyrad
- ==before 2.1
Matching in nixpkgs
pkgs.pyradio
Curses based internet radio player
-
nixos-unstable 0.9.3.11.27
- nixpkgs-unstable 0.9.3.11.27
- nixos-unstable-small 0.9.3.11.27
-
nixos-25.11 0.9.3.11.27
- nixos-25.11-small 0.9.3.11.27
- nixpkgs-25.11-darwin 0.9.3.11.27
pkgs.python312Packages.pyrad
Python RADIUS Implementation
-
nixos-25.11 2.4-unstable-2024-07-24
- nixos-25.11-small 2.4-unstable-2024-07-24
- nixpkgs-25.11-darwin 2.4-unstable-2024-07-24
pkgs.python313Packages.pyrad
Python RADIUS Implementation
-
nixos-unstable 2.4-unstable-2025-12-02
- nixpkgs-unstable 2.4-unstable-2025-12-02
- nixos-unstable-small 2.4-unstable-2025-12-02
-
nixos-25.11 2.4-unstable-2024-07-24
- nixos-25.11-small 2.4-unstable-2024-07-24
- nixpkgs-25.11-darwin 2.4-unstable-2024-07-24
pkgs.python314Packages.pyrad
Python RADIUS Implementation
-
nixos-unstable 2.4-unstable-2025-12-02
- nixpkgs-unstable 2.4-unstable-2025-12-02
- nixos-unstable-small 2.4-unstable-2025-12-02
pkgs.python312Packages.pyradios
Python client for the https://api.radio-browser.info
pkgs.python313Packages.pyradios
Python client for the https://api.radio-browser.info
pkgs.python314Packages.pyradios
Python client for the https://api.radio-browser.info
pkgs.python312Packages.pyradiomics
Extraction of Radiomics features from 2D and 3D images and binary masks
pkgs.python313Packages.pyradiomics
Extraction of Radiomics features from 2D and 3D images and binary masks
pkgs.python314Packages.pyradiomics
Extraction of Radiomics features from 2D and 3D images and binary masks
Package maintainers
-
@yayayayaka Yaya <github@uwu.is>
-
@contrun B YI <uuuuuu@protonmail.com>
-
@drawbu Clément Boillot <nixpkgs@drawbu.dev>
-
@bcdarwin Ben Darwin <bcdarwin@gmail.com>