Home > mailing lists

pgsql: Fix low-risk potential denial of service against RADIUS login. - Mailing list pgsql-committers

From	Magnus Hagander
Subject	pgsql: Fix low-risk potential denial of service against RADIUS login.
Date	October 15, 2010 12:03:31
Msg-id	E1P6loX-0005uf-I6@gemulon.postgresql.org Whole thread Raw
Responses	Re: pgsql: Fix low-risk potential denial of service against RADIUS login.
List	pgsql-committers

Tree view

Fix low-risk potential denial of service against RADIUS login.

Corrupt RADIUS responses were treated as errors and not ignored
(which the RFC2865 states they should be). This meant that a
user with unfiltered access to the network of the PostgreSQL
or RADIUS server could send a spoofed RADIUS response
to the PostgreSQL server causing it to reject a valid login,
provided the attacker could also guess (or brute-force) the
correct port number.

Fix is to simply retry the receive in a loop until the timeout
has expired or a valid (signed by the correct RADIUS server)
packet arrives.

Reported by Alan DeKok in bug #5687.

Branch
------
master

Details
-------
http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=0e7f7071e893bb171150e53271404b0819a40669

Modified Files
--------------
src/backend/libpq/auth.c |  220 ++++++++++++++++++++++++++--------------------
1 files changed, 126 insertions(+), 94 deletions(-)

pgsql-committers by date:

From: andrewd@pgfoundry.org (User Andrewd)
Date: 15 October 2010, 11:16:29
Subject: pgbuildfarm - client-code: facility to add notes for member on server

From: Thom Brown
Date: 15 October 2010, 12:18:08
Subject: Re: pgsql: Fix low-risk potential denial of service against RADIUS login.

pgsql: Fix low-risk potential denial of service against RADIUS login. - Mailing list pgsql-committers

Previous

Next