Bugtraq mailing list archives
An Analysis of the TACACS+ Protocol and its Implementations
From: gaus () CISCO COM (Damir Rajnovic)
Date: Mon, 10 Jul 2000 10:29:07 +0100
Hello, For all of you who do remember Solar's analysis and my reply on this subject (my reply is at [probably wrapped]: 4.2.0.58.20000530120817.00acec70 () amsterdam cisco com">http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-29&msg=4.2.0.58.20000530120817.00acec70 () amsterdam cisco com</A> ) We updated our unsupported version of TACACS+ server so it is no longer vulnerable to oversized T+ packets. You can download the new version, F4.0.4 alpha, if you follow this URL: ftp://ftp-eng.cisco.com/pub/tacacs Cheers, Gaus ============== Damir Rajnovic <psirt () cisco com>, PSIRT Incident Manager, Cisco Systems <http://www.cisco.com/warp/public/707/sec_incident_response.shtml> Phone: +44 7715 546 033 4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB ============== There is no insolvable problems. Question remains: can you accept the solution?
Current thread:
- An Analysis of the TACACS+ Protocol and its Implementations Damir Rajnovic (Jul 10)