Remote Authentication Dial In User Service (RADIUS), a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) services to connect network resources. Attacker can use crafted username which could lead to Denial of Service.
To Authenticate and Authorize users, RADIUS server connects to Domain
controller. Active Directory is queried for username upon incoming
access request message. This involves establishing LDAP connection and
passing LDAP query.
LDAP filter tests the username for predefined special characters and
normalize them except NUL character. If username string starts with NUL
character it causes Active Directory Domain Controller server to return
an error value. Multiple invalid requests cause RADIUS server to
disassociated from Active Directory Domain controller. Causing Denial of
So if you aware on this and haven't patch you IPS signature yet? Please update it quickly to prevent your network.
Source : Dell SonicWALL Security Center