Full Disclosure: Re: Cisco Security Advisory: RADIUS Authentication Bypass

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Cisco Security Advisory: RADIUS Authentication Bypass

From: cstone <cstone () pobox com>
Date: Wed, 29 Jun 2005 12:46:14 -0400

On Wed, Jun 29, 2005 at 05:00:00PM +0200, Cisco Systems Product Security Incident Response Team wrote:

i would like to file a bug with this advisory (infinite loop):

[...]

4. Is there any other method between RADIUS and none?
No: You are vulnerable.
Yes: Go to step 5.

5. Is the other authentication method local?
No: You are not vulnerable.
Yes: Go to step 4.


[...]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Cisco Security Advisory: RADIUS Authentication Bypass Cisco Systems Product Security Incident Response Team (Jun 29)
- Re: Cisco Security Advisory: RADIUS Authentication Bypass cstone (Jun 29)