[RADIATOR] Possible DOS attack against radiator with AuthPAM.pm ?
Markus Moeller
huaraz at moeller.plus.com
Wed Jun 3 16:46:55 CDT 2009
I noticed when I use radpwtst without a username/password to send a request to Radiator which is configured with AuthPAM.pm Radiator loops indefinetly in pam_conv_func. With trace enabled I get millions of messages like "PAM is asking for 2: '....." filling up my disk.
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20090603/f3488f66/attachment.html>
More information about the radiator
mailing list