Re: Serious bug in "radius" dialup authentication software

Thom Henderson (thom@ESVA.NET)
Sun, 22 Feb 1998 10:39:36 -0500

On Sat, 21 Feb 1998, Phillip R. Jaenke wrote:

> So far, tested servers are:
> Livingston 1.16 to 2.01
> RadiusNT v2.x
> Merit
>
> So far, the only one NOT vulnerable is Merit. Cistron is untested, so I've
> got no idea whether or not it is. Best way to test is to telnet to a
> terminal server, and login with a valid username, with 40 or more spaces
> after it.

This problem should be non-fatal as long as you are NOT using the "-s"
option. The process that was forked off to handle the offending name will
die, causing that one login attempt to fail, but radiusd should continue to
run.

At least, that's what happens with ESVAnet radiusd.

Note: When tested with the Livingston Portmaster 2, you cannot simply
telnet to the NAS to test this. It is necessary to dial in.

I'll take a look at the code Monday morning, but this doesn't look to me
like anything to worry about. At least, not as long as you don't use
single-threaded mode.
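
The containment described in the message above, as an added sketch that is not part of the original post and is not radiusd code: a parent forks one worker per request, so a worker that dies on a bad name costs only that request. MAX_NAME, the function names and the abort() used to simulate the fault are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_NAME 32 /* hypothetical limit, not taken from any radiusd source */

enum outcome { REQ_OK = 0, REQ_REJECTED = 1, REQ_WORKER_DIED = 2, REQ_ERROR = 3 };

/* Stand-in request handler. abort() simulates the fault; it is not the real bug. */
static int process_request(const char *name)
{
    if (strlen(name) >= MAX_NAME)
        abort();
    return strcmp(name, "alice") == 0 ? REQ_OK : REQ_REJECTED;
}

/* Forking mode: the fault stays in the child and the parent keeps serving.
 * In a single-process mode process_request() would run in the daemon itself,
 * and the same fault would end the daemon. */
int handle_forked(const char *name)
{
    int status;
    pid_t pid;

    fflush(NULL); /* do not duplicate buffered output into the child */
    pid = fork();
    if (pid < 0)
        return REQ_ERROR;
    if (pid == 0)
        _exit(process_request(name));
    if (waitpid(pid, &status, 0) < 0)
        return REQ_ERROR;
    if (WIFSIGNALED(status)) { /* worth logging: one request killed its worker */
        fprintf(stderr, "worker %ld died on signal %d\n", (long)pid, WTERMSIG(status));
        return REQ_WORKER_DIED;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : REQ_ERROR;
}

int main(void)
{
    char padded[64]; /* constructed input: a valid name padded with spaces */
    memset(padded, ' ', sizeof padded - 1);
    padded[sizeof padded - 1] = '\0';
    memcpy(padded, "alice", 5);
    const char *reqs[] = { "alice", padded, "alice" };
    for (size_t i = 0; i < 3; i++)
        printf("request %zu -> %d\n", i, handle_forked(reqs[i]));
    return 0;
}
```

The third request succeeding after the second one killed its worker is the behaviour the message describes for the forking mode.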