[Issues] [mod_auth_xradius 0000039]: Authenticator field is always
the same.
issues at outoforder.cc
issues at outoforder.cc
Tue Jul 5 13:43:25 EST 2005
The following issue has been RESOLVED.
======================================================================
<http://issues.outoforder.cc/view.php?id=39>
======================================================================
Reported By: chip
Assigned To:
======================================================================
Project: mod_auth_xradius
Issue ID: 39
Category: RADIUS Issue
Reproducibility: always
Severity: minor
Priority: normal
Status: resolved
Apache Version: unspecified
Resolution: fixed
Fixed in Version: 0.4.6
======================================================================
Date Submitted: 07-05-2005 13:42 EST
Last Modified: 07-05-2005 13:43 EST
======================================================================
Summary: Authenticator field is always the same.
Description:
The Authenticator field is always the same value in requests for
authentication.
This causes some RADIUS servers to reject the authentication request as a
duplicate packet.
This is a violation of a SHOULD from the RFC. It has potential security
implications that could allow spoofing.
======================================================================
----------------------------------------------------------------------
chip - 07-05-05 13:43
----------------------------------------------------------------------
Fixed in 0.4.6.
Issue History
Date Modified Username Field Change
======================================================================
07-05-05 13:42 chip New Issue
07-05-05 13:42 chip Apache Version => unspecified
07-05-05 13:43 chip Note Added: 0000046
07-05-05 13:43 chip Status new => resolved
07-05-05 13:43 chip Resolution open => fixed
07-05-05 13:43 chip Fixed in Version => 0.4.6
======================================================================
More information about the Issues
mailing list