cancel
Showing results for 
Search instead for 
Did you mean: 

NSMXpress Password taboo

dawsonpaul_
Not applicable

NSMXpress Password taboo

NSMxpress displays failed authentication passwords in /var/log/messages on failures to the WebUI.

How can this be disabled?

Dec 3 14:32:34 nsmxpress-lab pwauth(pam_unix)[26486]: authentication failure; logname= uid=48 euid=0 tty= ruser= rhost= user=xxxx

Dec 3 14:32:38 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Entering [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 570]: @ Thu Dec 3 14:32:38 2009 Use
r:
Dec 3 14:32:38 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Entering [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 220]: @ Thu Dec 3 14:32:38 2009 Use
r:
Dec 3 14:32:38 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Debug: Info: All Radius XML entries OK: /etc/nsmxwui/radius/RadiusSvrCfg.xml :[/usr/libexec/nsmx
wui/radius/client/RadiusLib.pm : 304]: @ Thu Dec 3 14:32:38 2009 User:
Dec 3 14:32:38 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Entering [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 177]: @ Thu Dec 3 14:32:38 2009 Use
r:
Dec 3 14:32:38 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Exiting [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 209]: @ Thu Dec 3 14:32:38 2009 User
:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Debug: Error: Unknown Radius Response: Not Supported by NSMXpress: [Req:Access-Request Res:Acces
s-Reject] :[/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 494]: @ Thu Dec 3 14:32:40 2009 User:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Debug: Error: Client Request No: 0 Failed :[/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 53
7]: @ Thu Dec 3 14:32:40 2009 User:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Debug: Error:Client Request No:1 Failed :[/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 553]
: @ Thu Dec 3 14:32:40 2009 User:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Exiting [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 558]: @ Thu Dec 3 14:32:40 2009 User
:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Debug: Error: Radius Auth Failed over [xxxxx : FailedPassword! : Access-Request] :[/usr/libexe
c/nsmxwui/radius/client/RadiusLib.pm : 607]: @ Thu Dec 3 14:32:40 2009 User:
Dec 3 14:32:40 nsmxpress-lab /usr/libexec/nsmxwui/login.cgi: Exiting [/usr/libexec/nsmxwui/radius/client/RadiusLib.pm : 610]: @ Thu Dec 3 14:32:4

2 REPLIES 2
ngcreator_
Not applicable

Re: NSMXpress Password taboo

I also discovered this bug/issue... just recently... 

the worst thing is that our credentials were correct but the response from Radius was not regnonized by the NSM causing the login attempt to fail. So,  even you were using the correct credentials you were unable to login resulting this information to be exposed!!!

 

What makes me worry is that you didn't get any reply since 2009!..
If I will have any news I'll let you know Smiley Frustrated

 

 

apaul_
Regular Contributor

Re: NSMXpress Password taboo

This seems to me, can be better addressed by the NSM folks.Why don't you post this @ NSM http://forums.juniper.net/t5/Management/bd-p/SecurityManagement