The vulnerability can cause authentication requests to be sent to the RADIUS authentication server which may allow for unintended successful authentication.

New builds of Junos OS software are available from Juniper.

When a RADIUS authentication server is configured under [system radius-server], an entry is created in /var/etc/pam_radius.conf. An issue was discovered where RADIUS accounting servers configured under [system accounting destination radius] are also propagated to pam_radius.conf. If the same RADIUS server is used for both authentication and accounting - a common configuration - the issue is less severe since RADIUS authentication is sent to the intended server despite the duplicate entries. However, if the RADIUS authentication server is later removed from the configuration, the duplicate entry created by configuration of the RADIUS accounting server will remain in pam_radius.conf, also leading to possible unintended authentication success.

Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 and 13.3

Check the OS build.

• http://kb.juniper.net/JSA10654
• http://www.securityfocus.com/bid/70365

---

Updated on 2015-03-25