-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Attention!!!! If you use poptop vpn server AND you use the patch for
ppp which allows you to use smbpasswd for chap-secrets logins, then
this is for you.

The following security issue has come up!

If you use the smbpasswd patch for ppp, and you ONLY specify
*               *       &/home/samba/smbpasswd  *
in your chap-secrets file, YOU ARE WIDE OPEN!!!

I am running 2.2.16, ppp-2.4.0, and using that very patch, as well as
mppe, require-mppe, and mschapstripdomain, and in testing I found
that if you have just that entry, ANYONE CAN LOGIN USING A BLANK
USERNAME AND PASSWORD. If they specify a username that does not
exist, IT STILL WORKS!!!! Also, if you for some reason have a user
listed in chap-secrets that is NOT in smbpasswd, THEY CAN STILL LOG
IN!!!

The ONLY "secure" method I have found so far is by explicitly listing
ONLY the users you want to have vpn access in chap-screts, and for
each user using the &/home/samba/smbpasswd or wherever your file is.

This was discovered by another member on the poptop user list, I am
just forwarding that info here in case anyone uses this method of
authentication, as I am. Luckily they found it. Who knows what
systems have already been "penetrated"

I did NOT do any testing of access rights with any "false" logins, so
there may not be as big a security issue, but ANY login without a
valid user is a BIG problem in my book.


Again, only specify VALID users with the smbpasswd patch!!!

Share and enjoy...


P.S. Sorry to post this so much, but I was not previously aware of
this problem, so I dont' think others are either, and they NEED to
be...

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOp9FExeamMdwy9TXEQLzAACg8pAkEq5fa/MNlV/GThpMnE1cfAwAn3fE
v4h3xpH4kx3I0Qy4fpO1mpw5
=ywpk
-----END PGP SIGNATURE-----



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to