pam_radius and Blast RADIUS

marki jm+freeradiususer at roth.lu
Thu Jul 11 08:03:27 UTC 2024


Have you read what Blastradius is about? 
Since we don't know your network, it is hard to say.
In any case it wouldn't hurt to use an updated client.

On July 11, 2024 8:25:41 CEST, Eric Lin <pirate585 at gmail.com> wrote:
>Hello,
>
>We are using pam_radius for authentication.
>On both radius server and radius client (Ubuntu 22.04), after upgrade
>to 3.2.5-1, I am seeing
>
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>BlastRADIUS check: Received packet without Message-Authenticator.
>Setting "require_message_authenticator = false" for client
>client_10.42.18.224_28
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>UPGRADE THE CLIENT AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.
>Once the client is upgraded, set "require_message_authenticator =
>true" for  client client_10.42.18.224_28
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>BlastRADIUS check: Received packet without Proxy-State.
>Setting "limit_proxy_state = true" for client client_10.42.18.224_28
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>The packet does not contain Message-Authenticator, which is a security issue.
>UPGRADE THE CLIENT AS YOUR NETWORK MAY BE VULNERABLE TO THE BLASTRADIUS ATTACK.
>Once the client is upgraded, set "require_message_authenticator =
>true" for client client_10.42.18.224_28
>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>
>The client package version is
>~# apt list --installed |grep radius
>
>WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
>
>freeradius-common/jammy,now 3.2.5-1 all [installed,automatic]
>freeradius-config/jammy,now 3.2.5-1 amd64 [installed,automatic]
>freeradius-utils/jammy,now 3.2.5-1 amd64 [installed]
>libfreeradius3/jammy,now 3.2.5-1 amd64 [installed,automatic]
>libpam-radius-auth/jammy,now 2.0.0-1 amd64 [installed]
>
>Should I take any action?
>
>Regards,
>Eric
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
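
One way to inventory which clients the server flagged, as an added example that is not part of the original thread or of FreeRADIUS itself. It assumes the notices appear in the server output with the wording quoted above; `example_nas_2` is a constructed client name and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample input: the notices quoted in the message above, without the ">"
# quoting; the last notice (example_nas_2) is constructed for illustration.
SAMPLE_LOG = """\
BlastRADIUS check: Received packet without Message-Authenticator.
Setting "require_message_authenticator = false" for client
client_10.42.18.224_28
UPGRADE THE CLIENT AS YOUR NETWORK IS VULNERABLE TO THE BLASTRADIUS ATTACK.
BlastRADIUS check: Received packet without Proxy-State.
Setting "limit_proxy_state = true" for client client_10.42.18.224_28
BlastRADIUS check: Received packet without Message-Authenticator.
Setting "require_message_authenticator = false" for client example_nas_2
"""

# One notice: the missing attribute, then the setting the server applied
# automatically for that client (wording assumed to match the quoted output).
NOTICE = re.compile(
    r'BlastRADIUS check: Received packet without (?P<missing>[\w-]+)\.\s+'
    r'Setting "(?P<setting>\w+) = (?P<value>\w+)" for client\s+(?P<client>\S+)'
)


def blastradius_findings(log_text):
    """Return {client: {setting: value}} for every BlastRADIUS notice found."""
    # Collapse whitespace so a notice wrapped across lines still matches.
    flat = " ".join(log_text.split())
    findings = defaultdict(dict)
    for m in NOTICE.finditer(flat):
        findings[m["client"]][m["setting"]] = m["value"]
    return dict(findings)


def clients_needing_upgrade(findings):
    """Clients whose packets arrived without Message-Authenticator."""
    return sorted(
        client for client, settings in findings.items()
        if settings.get("require_message_authenticator") == "false"
    )


if __name__ == "__main__":
    found = blastradius_findings(SAMPLE_LOG)
    for client in clients_needing_upgrade(found):
        print(f"{client}: upgrade, then set require_message_authenticator = true")
```
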

