(RADIATOR) radius vulnerabilities and radiator specific response
DELORT Stephane
Stephane.DELORT at murex.com
Tue May 31 10:34:31 CDT 2005
Hello,
I was glad to see that Radiator does not have any flaws logged by the CERT :
http://www.cert.org/advisories/CA-2002-06.html
Anyway, I saw on [1] that the RADIUS protocol still has vulnerabilities such as :
1 Response Authenticator Based Shared Secret Attack
2 User-Password Attribute Cipher Design Comments
3 User-Password Attribute Based Shared Secret Attack
4 User-Password Based Password Attack
5 Request Authenticator Based Attacks
- Passive User-Password Compromise Through Repeated Request Authenticators
- Active User-Password Compromise through Repeated Request Authenticators
- Replay of Server Responses through Repeated Request Authenticators
- DOS Arising from the Prediction of the Request Authenticator
6 Shared Secret Hygiene
I also noticed that using PEAP and MSCHAPv2 secure the request/[access|reject] exchanges and made some attacks more difficult or impossible (since a quantum processor is not yet released).
I am well aware that the website from which I picked up this information had been last updated in 2001.
Moreover some 'tricks' might require time and expertise before leading an attack to success.
But anyway, can anyone told me if these vulnerabilities are still open and more accuratly with Radiator ?
Kind regards,
Stéphane
[1] http://www.untruth.org/~josh/security/radius/radius-auth.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20050531/1f50f4b5/attachment.html>
More information about the radiator
mailing list