Bugtraq mailing list archives

Re: An Analysis of the TACACS+ Protocol and its Implementations

From: courcoul () CAMPUS QRO ITESM MX (Juan M. Courcoul)
Date: Thu, 1 Jun 2000 09:41:16 -0500


On Tue, 30 May 2000, Solar Designer wrote:

OW-001-tac_plus, revision 1
May 30, 2000

 An Analysis of the TACACS+ Protocol and its Implementations
 -----------------------------------------------------------

...

First off, many thanks to Solar Designer for this insightful TACACS+
analysis.

For those of us who have opted to use RADIUS instead of TACACS, is there
an equivalent vulnerability analysis available somewhere ?

Thanks,

J. Courcoul                               courcoul () campus qro itesm mx
Servicios Computacionales                 Directo    (4) 238-3181
ITESM Campus Queretaro                    Secretaria (4) 238-3175
Queretaro, Qro. Mexico                    Sky (800) 723-4500 PIN 5597110

Current thread:

Re: An Analysis of the TACACS+ Protocol and its Implementations Juan M. Courcoul (Jun 01)
- Re: An Analysis of the TACACS+ Protocol and its Implementations Eccentric (Jun 01)
  - HP Security vulnerability in the man command Jason Axley (Jun 02)
    - MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver Drew (Jun 05)
    - Re: HP Security vulnerability in the man command Theo de Raadt (Jun 05)
    - Re: HP Security vulnerability in the man command Philipp Buehler (Jun 06)
    - Password Generation during RH Linux 6.x Installation William R. Lorenz (Jun 07)
    - Re: Password Generation during RH Linux 6.x Installation Fabian Kroenner (Jun 08)
    - Re: HP Security vulnerability in the man command V. T. Mueller (Jun 07)
  - Re: An Analysis of the TACACS+ Protocol and its Implementations Dylan (Jun 02)
  - Microsoft Security Bulletin (MS00-037) Microsoft Product Security (Jun 02)

(Thread continues...)