[6166] in bugtraq


Re: Serious bug in "radius" dialup authentication software

daemon@ATHENA.MIT.EDU (James Sneeringer)
Mon Feb 23 18:50:01 1998

Date: 	Mon, 23 Feb 1998 00:23:17 -0600
Reply-To: James Sneeringer <jvs@OCSLINK.COM>
From: James Sneeringer <jvs@OCSLINK.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19423.888201121@dumbcat.codewright.com>

On Sun, 22 Feb 1998, Marco S Hyman wrote:
| Look at radius.h in the original Livingston code.  You'll see:
| #define AUTH_STRING_LEN         128     /* maximum of 254 */

Based on some limited testing I did, PortMasters (ComOS 3.7.2) never send a
username longer than 63 characters.  Incidentally, this is the lowest
maximum length recommended by RFC 2058 (section 5.1).

I think it likely that some NAS vendor out there has (or had) a seriously
broken RADIUS implementation, such that it ends up passing some pretty
funky data to radiusd.

It would help if the original poster could also specify the make and model
of the NAS tested on, and what OS version it was running.

-James
