Re: Crashing an XTACACS authentication server

[vikas () NAVYA COM (Vikas Aggarwal)]

> I recently discovered that when an ISP was using XTACACS server from
> Vikas Aggarwal (vikas () navya com) in a standalone mode, it was possible
> to make the XTACACS server crash by sending it different type of ICMP
> messages.

Thanks for pointing it out. The daemon was exiting if recvfrom() returned
an error- this has been fixed.

A beta version of the patched code is at ftp.navya.com.

        -vikas
        Vikas Aggarwal
        vikas () navya com