*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge
(jdstrand):
I am attempting to plug my FreeRADIUS servers CA certificate into my
Ubuntu client to validate that the sever is valid before authentication.
However, the client seems to ignore the CA certificate specified. I've
been able to successfully connect regardless of the certificate I have
chosen.
This is fairly serious if true, because a malicious FreeRADIUS server
could retrieve the MD4 hashes of passwords (easy to break) from the
client.
My install is 24 hours old, so still very vanilla.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: network-manager-gnome 0.8.4~git.20110318t152954.9c4c9a0-0ubuntu1
ProcVersionSignature: Ubuntu 2.6.38-11.48-generic 2.6.38.8
Uname: Linux 2.6.38-11-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
CRDA: Error: [Errno 2] No such file or directory
Date: Wed Aug 24 18:31:48 2011
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110426)
IpRoute:
10.20.0.0/24 dev wlan0 proto kernel scope link src 10.20.0.17 metric 2
169.254.0.0/16 dev eth0 proto kernel scope link src 169.254.7.196
default via 10.20.0.1 dev wlan0 proto static
default dev eth0 scope link metric 1002
NetworkManager.state:
[main]
NetworkingEnabled=true
WirelessEnabled=true
WWANEnabled=true
ProcEnviron:
LANGUAGE=en_US:en
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: network-manager-applet
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: network-manager-applet (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug natty
--
CA Certificate not validated
https://bugs.launchpad.net/bugs/833412
You received this bug notification because you are a member of Ubuntu Bugs,
which is subscribed to the bug report.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
