[pptp-server] Ppp/pptpd modified for LDAP

Godfrey Livingstone godfrey at hattaways.com
Fri Mar 2 22:15:20 CST 2001


Will you make your patch available.

Adam Tauno Williams wrote:

> >1) If you have configured your PopTop/PPPD system to re-direct PPTP
> >tunnel authentication to use the libsmbpw.o lib's (smbpasswd), then your
> >system appears to be vulnerable to the blank user/pass exploit mentioned in
> >this thread.
> >2) Those of you who are still using the chap-secrets file (no re-direct)
> >for tunnel authentication are NOT vulnerable to the blank user/pass
> >exploit mentioned in this thread. I just verified this on my PopTop server!
> >I do  >not use the re-direct to libsmbpw.o
>
> FWIW, I've tested my ppp/pptpd modified for LDAP authentication and been unable
> to duplicate this exploit.
>
> Systems and Network Administrator
> Morrison Industries
> 1825 Monroe Ave NW.
> Grand Rapids, MI. 49505
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!




More information about the pptp-server mailing list