[15713] in bugtraq
An Analysis of the TACACS+ Protocol and its Implementations
daemon@ATHENA.MIT.EDU (Damir Rajnovic)
Mon Jul 10 15:05:23 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-ID: <4.2.0.58.20000710101946.00c45490@144.254.74.36>
Date: Mon, 10 Jul 2000 10:29:07 +0100
Reply-To: Damir Rajnovic <gaus@CISCO.COM>
From: Damir Rajnovic <gaus@CISCO.COM>
X-To: Solar Designer <solar@false.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <4.2.0.58.20000530120817.00acec70@amsterdam.cisco.com>
Hello,
For all of you who do remember Solar's analysis and my reply on this
subject (my reply is at [probably wrapped]:
http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-29&msg=4.2.0.58.20000530120817.00acec70@amsterdam.cisco.com )
We updated our unsupported version of TACACS+ server so it is no
longer vulnerable to oversized T+ packets. You can download the
new version, F4.0.4 alpha, if you follow this URL:
ftp://ftp-eng.cisco.com/pub/tacacs
Cheers,
Gaus
==============
Damir Rajnovic <psirt@cisco.com>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
Phone: +44 7715 546 033
4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB
==============
There is no insolvable problems. Question remains: can you
accept the solution?
