>as is the case with most bugs i read in bugtraq, i tried it out on one of >the >dialup systems we use. i entered a vaild username then entered an >appromiately >128 character lone password....it locked up the >authentication ...i hadreports >of noone being able to log in on that >particular dialup system. the problem >was resolved by killing and >restarting the radius daemon >btw this is on a linux box. This is another known bug, which I call the 'magic 128.' Most, if not all, versions of radius, be it Livingston, Merit, RadiusNT, whatever, will choke HORRIBLY if any entered field is over 128 characters. I don't know if there's a workaround, but I haven't actually looked. I honestly don't think anybody's going to bother with that one too much. -Phillip R. Jaenke (prjat_private) "I break Mac lover's hearts for fun; I install NetBSDm68k"
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:43:00 PDT