Bugtraq mailing list archives

Re: RADIUS (Summary)

From: prj () NLS NET (Phillip R. Jaenke)
Date: Sun, 22 Feb 1998 20:47:57 -0500


On Sun, 22 Feb 1998, Dave Stewart wrote:

To explain further -

Any RADIUS that's based on Livingston RADIUS 2.0 and higher should be
checking for a space in the username, and automatically rejecting the login
attempt.


Sometimes it does, sometimes it sorta hangs. I can't explain this one, as
I've reproduced it twice, and failed to about 20 times. Possibly an
environmental issue on my end. I'm not sure where, though. The 2.01 that I
tested and had the most success on was one with some patches in an attempt
to fix the 'magic 128' bug. They failed miserably, I might add. :(

--Phillip R. Jaenke (prj () raex com | prj () nls net)
Primary Developer, The Improvement Linux Project
Core Team Member, The Cyberian RC5 Effort - http://www.cyberian.org/
AKA Kaeyerai (Rediscovery) of MasterTechnoMonster
Ketyra Designs, Inc. - Imagine Transmeta sans Linus. That's us. :)

Current thread:

Re: Fw: tetex-0.4pl8 world-writable database, (continued)
- Re: Fw: tetex-0.4pl8 world-writable database Marcin Cieslak (Feb 20)
- Pipe attack - an example Micha? Zalewski (Feb 20)
- cfs-1.4.0beta2 root exploitable bug ther (Feb 20)
  - WinGate DoS Matt Carothers (Feb 21)
  - Quick update on Radius bug Phillip R. Jaenke (Feb 21)
  - Workaround for radius bug Phillip R. Jaenke (Feb 21)
  - Re: cfs-1.4.0beta2 root exploitable bug ther (Feb 21)
  - resource starvation against passwd(1) Antonomasia (Feb 22)
  - RADIUS (Summary) Aleph One (Feb 22)
    - Re: RADIUS (Summary) Dave Stewart (Feb 22)
    - Re: RADIUS (Summary) Phillip R. Jaenke (Feb 22)
    - Re: RADIUS (Summary) Josh Richards (Feb 22)