joe <[EMAIL PROTECTED]> wrote: > Does anyone know if this effects the client implementations of > mod_auth_radius for apache and pam_radius_auth?
Neither are vulnerable. VU#589523 : Both clients calculate the digest using multiple calls to MD5, instead of permitting a bugger overflow. VU#936683 : Both clients ignore VSA's, so they bypass this vulnerability. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
