CVE-2004-2163 - Chelonian Recapitulations

Description

login_radius on OpenBSD 3.2 3.5 and possibly other versions does not verify the shared secret in a response packet from a RADIUS server which allows remote attackers to bypass authentication by spoofing server replies.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0058.html http://www.reseau.nl/advisories/0400-openbsd-radius.txt http://www.openbsd.org/errata35.html#radius http://www.securityfocus.com/bid/11227 http://secunia.com/advisories/12617 http://www.osvdb.org/10203 https://exchange.xforce.ibmcloud.com/vulnerabilities/17456