Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: tac_plus version F4.0.4.alpha on at least Solaris 8 sparc
From: Devrim SERAL <devrim.seral () gantek com>
Date: Fri, 01 Feb 2002 13:00:41 +0200

"Kevin A. Nassery" wrote:

Software: tac_plus version F4.0.4.alpha, compiled
        on Solaris 8 sparc.

Abstract:
tac_plus version F4.0.4.alpha, an example Tacacs+ daemon released
(but not supported) by Cisco isn't careful with it's permissions when
creating accounting files.

Vulneribility:
Any file defined with and accounting directive, in a tac_plus
config file, is create with file permissions set at 666.

Allowing any system account to modify its contents.

When appending to the file, if it's not there initially, it is created.
When it is created it is done so with file permissions set at 666.
A simple work arround is to create a file, at the path set in the
config file, and manually set the permission to 600.  The tac_plus
daemon will continue to append to the file, without setting the
permissions back to 666.  I just wanted to make sure this was out there
for people who are rotating logs, and just letting the daemon create
new files.


Hi, 
Our patched version of tacacs+ doesn't affect this type of problem. 
And i remember its fixed 1.5 years ago. 

The project based on Cisco's free tacacs+ F4.0.3.  And we aim to add
more 
feature like db authentication ,  more security ,more flexible config
files and also
more ability..  This project doesn't supported by Cisco but thanks them
for
provide us tacacs+ source code. 

You can find our patched and enhenced version of tacacs+ from :
http://www.gazi.edu.tr/tacacs

Note that i have tested code  primarily  on Linux , Solaris and FreeBSD
And it might be work on other unixes..

devrim


  By Date           By Thread  

Current thread:
  • Re: tac_plus version F4.0.4.alpha on at least Solaris 8 sparc Devrim SERAL (Feb 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault