RADIUS (Summary)

Aleph One (aleph1@DFW.NET)
Sun, 22 Feb 1998 13:07:55 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dave Stewart: "Re: RADIUS (Summary)"
Previous message: Phillip R. Jaenke: "Re: Serious bug in "radius" dialup authentication software"
Next in thread: Dave Stewart: "Re: RADIUS (Summary)"

This is a summary of reports about the radius vulnerability that
Phillip R. Jaenke reported. Giving the large number of people that
have reported that they are not vulnerable I must wonder what is
unique in Phillip's environment that is causing this. Only one person
reported Merit RADIUS being vulnerable and that has not been
confirmed yet.

So far reported not vulnerable:

Merit 2.4.23C,
Livingston RADIUS 2.0.1 97/5/22
Livingstons RADIUS 2.01
Perl RADIUS module
MacRADIUS
ESVA Radius

Reported vulnerable:

Livingston 1.16 to 2.01 (Phillip R. Jaenke)
RadiusNT v2.x (Phillip R. Jaenke)
merit radius 2.4.23C (jbeley@puma.sirinet.net)

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

Next message: Dave Stewart: "Re: RADIUS (Summary)"
Previous message: Phillip R. Jaenke: "Re: Serious bug in "radius" dialup authentication software"
Next in thread: Dave Stewart: "Re: RADIUS (Summary)"