[tac_plus] tac_plus*** buffer overflow detected *** PROBLEM

Yagnesh Dave yagneshdaveyagi at gmail.com
Fri Dec 17 13:54:52 UTC 2010


Hello,

I am trying to configure tacacs+-F4.0.4.19 for using it with Juniper for
authentication. I have done the configuration as given below for allow/deny
commands.

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
service = junos-exec {
allow-configuration = "(interfaces .* ethernet-switching .*)|(protocols ospf
area)|(protocols ospf backup-spf-options)|(protocols ospf export)|(protocols
ospf import)|(protocols ospf external-preference)|(routing-options static
route)"
deny-configuration = "(.* traceoptions)|(system)|(chassis)|(interfaces
lo0)|(firewall)|(routing-options router-id)|(routing-options
nonstop-routing)|(protocols bgp local-as)|(protocols mstp .*)|(protocols
ospf disable)|(protocols ospf database-protection)"
allow-commands = "(clear interfaces statistics .*)|(ping .*)|(traceroute
.*)|(show log messages .*)"
deny-commands = "(request)|(restart)|(start.*)|(test)|(clear
.*)|(file)|(op)|(set)|(start)|(show system .*)|(edit)|(configure)"
}
------------------------------------------------------------------------------------------------------------------------------------------------------------------
Now with this when i try to start the server it gives the bellow error,
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Starting TACACS+ Daemon: tac_plus*** buffer overflow detected ***:
/opt/tac-plus/bin/tac_plus terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0xb76c0390]
/lib/tls/i686/cmov/libc.so.6(+0xe12ca)[0xb76bf2ca]
/lib/tls/i686/cmov/libc.so.6(+0xe05fa)[0xb76be5fa]
/opt/tac-plus/bin/tac_plus[0x804d287]
/opt/tac-plus/bin/tac_plus[0x804d4e8]
/opt/tac-plus/bin/tac_plus[0x804e886]
/opt/tac-plus/bin/tac_plus[0x804e8e8]
/opt/tac-plus/bin/tac_plus[0x8058f49]
/opt/tac-plus/bin/tac_plus[0x805949a]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb75f4bd6]
/opt/tac-plus/bin/tac_plus[0x8049ee1]
======= Memory map: ========
08048000-0805f000 r-xp 00000000 08:01 2097163    /opt/tac-plus/bin/tac_plus
0805f000-08060000 r--p 00016000 08:01 2097163    /opt/tac-plus/bin/tac_plus
08060000-08061000 rw-p 00017000 08:01 2097163    /opt/tac-plus/bin/tac_plus
08061000-08063000 rw-p 00000000 00:00 0
087e0000-08801000 rw-p 00000000 00:00 0          [heap]
b75b8000-b75d5000 r-xp 00000000 08:01 1572919    /lib/libgcc_s.so.1
b75d5000-b75d6000 r--p 0001c000 08:01 1572919    /lib/libgcc_s.so.1
b75d6000-b75d7000 rw-p 0001d000 08:01 1572919    /lib/libgcc_s.so.1
b75dc000-b75de000 rw-p 00000000 00:00 0
b75de000-b7731000 r-xp 00000000 08:01 1573227    /lib/tls/i686/cmov/
libc-2.11.1.so
b7731000-b7732000 ---p 00153000 08:01 1573227    /lib/tls/i686/cmov/
libc-2.11.1.so
b7732000-b7734000 r--p 00153000 08:01 1573227    /lib/tls/i686/cmov/
libc-2.11.1.so
b7734000-b7735000 rw-p 00155000 08:01 1573227    /lib/tls/i686/cmov/
libc-2.11.1.so
b7735000-b7738000 rw-p 00000000 00:00 0
b7738000-b774d000 r-xp 00000000 08:01 1573256    /lib/tls/i686/cmov/
libpthread-2.11.1.so
b774d000-b774e000 r--p 00014000 08:01 1573256    /lib/tls/i686/cmov/
libpthread-2.11.1.so
b774e000-b774f000 rw-p 00015000 08:01 1573256    /lib/tls/i686/cmov/
libpthread-2.11.1.so
b774f000-b7751000 rw-p 00000000 00:00 0
b7751000-b775a000 r-xp 00000000 08:01 1573232    /lib/tls/i686/cmov/
libcrypt-2.11.1.so
b775a000-b775b000 r--p 00008000 08:01 1573232    /lib/tls/i686/cmov/
libcrypt-2.11.1.so
b775b000-b775c000 rw-p 00009000 08:01 1573232    /lib/tls/i686/cmov/
libcrypt-2.11.1.so
b775c000-b7783000 rw-p 00000000 00:00 0
b7783000-b7796000 r-xp 00000000 08:01 1573241    /lib/tls/i686/cmov/
libnsl-2.11.1.so
b7796000-b7797000 r--p 00012000 08:01 1573241    /lib/tls/i686/cmov/
libnsl-2.11.1.so
b7797000-b7798000 rw-p 00013000 08:01 1573241    /lib/tls/i686/cmov/
libnsl-2.11.1.so
b7798000-b779b000 rw-p 00000000 00:00 0
b779b000-b779f000 r-xp 00000000 08:01 2097156
/opt/tac-plus/lib/libtacacs.so.1.0.0
b779f000-b77a0000 r--p 00003000 08:01 2097156
/opt/tac-plus/lib/libtacacs.so.1.0.0
b77a0000-b77a1000 rw-p 00004000 08:01 2097156
/opt/tac-plus/lib/libtacacs.so.1.0.0
b77a1000-b77a8000 r-xp 00000000 08:01 1577063    /lib/libwrap.so.0.7.6
b77a8000-b77a9000 r--p 00006000 08:01 1577063    /lib/libwrap.so.0.7.6
b77a9000-b77aa000 rw-p 00007000 08:01 1577063    /lib/libwrap.so.0.7.6
b77ae000-b77b1000 rw-p 00000000 00:00 0
b77b1000-b77b2000 r-xp 00000000 00:00 0          [vdso]
b77b2000-b77cd000 r-xp 00000000 08:01 1572959    /lib/ld-2.11.1.so
b77cd000-b77ce000 r--p 0001a000 08:01 1572959    /lib/ld-2.11.1.so
b77ce000-b77cf000 rw-p 0001b000 08:01 1572959    /lib/ld-2.11.1.so
bffab000-bffc0000 rw-p 00000000 00:00 0          [stack]
Aborted
.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Can anybody help me to overcome this problem?

Thanks in advance.

Yagnesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20101217/bbd5ba19/attachment.html>


More information about the tac_plus mailing list