[Issues] [mod_auth_xradius 0000039]: Authenticator field is always
the same.
issues at outoforder.cc
issues at outoforder.cc
Tue Jul 5 13:42:04 EST 2005
The following issue has been SUBMITTED.
======================================================================
<http://issues.outoforder.cc/view.php?id=39>
======================================================================
Reported By: chip
Assigned To:
======================================================================
Project: mod_auth_xradius
Issue ID: 39
Category: RADIUS Issue
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Apache Version: unspecified
======================================================================
Date Submitted: 07-05-2005 13:42 EST
Last Modified: 07-05-2005 13:42 EST
======================================================================
Summary: Authenticator field is always the same.
Description:
The Authenticator field is always the same value in requests for
authentication.
This causes some RADIUS servers to reject the authentication request as a
duplicate packet.
This is a violation of a SHOULD from the RFC. It has potential security
implications that could allow spoofing.
======================================================================
Issue History
Date Modified Username Field Change
======================================================================
07-05-05 13:42 chip New Issue
07-05-05 13:42 chip Apache Version => unspecified
======================================================================
More information about the Issues
mailing list