Re: SNI-22: RADIUS Advisory

From: miguel a.l. paraz (mapat_private)
Date: Wed Dec 17 1997 - 15:37:06 PST

Next message: Marc Merlin: "CGI security hole in EWS (Excite for Web Servers)"

Previous message: Secure Networks Inc.: "SNI-22: RADIUS Advisory"
Maybe in reply to: Secure Networks Inc.: "SNI-22: RADIUS Advisory"
Next in thread: Thom Henderson: "Re: SNI-22: RADIUS Advisory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Vulnerable Systems:
> ~~~~~~~~~~~~~~~~~~~
>
> All RADIUS servers based off of Livingston's 1.16 RADIUS server.
> Livingston RADIUS servers 2.0, 2.0.1 are not vulnerable.

Cistron radiusd is not vulnerable; it checks the length of the returned
hostname.

--
miguel a.l. paraz       iphil communications, makati city, ph   +63-2-750-2288

Next message: Marc Merlin: "CGI security hole in EWS (Excite for Web Servers)"
Previous message: Secure Networks Inc.: "SNI-22: RADIUS Advisory"
Maybe in reply to: Secure Networks Inc.: "SNI-22: RADIUS Advisory"
Next in thread: Thom Henderson: "Re: SNI-22: RADIUS Advisory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:36:47 PDT