Bugtraq mailing list archives

Re: An Analysis of the TACACS+ Protocol and its Implementations


From: fygrave () TIGERTEAM NET (Fyodor)
Date: Fri, 2 Jun 2000 07:28:23 +0400


On Thu, 1 Jun 2000, Juan M. Courcoul wrote:

~
~ For those of us who have opted to use RADIUS instead of TACACS, is there
~ an equivalent vulnerability analysis available somewhere?
~

I have not seen a complete analysis paper so far, but a few problems in the RADIUS
protocol were spotted some time ago too. A possible dictionary
attack on 'shared secret' passwords (could be used to spoof Access-Accept
packets) if an attacker is able to sniff communication between the RADIUS
server and client is what I can remember off the top of my head. :)

