CERT Advisory CA-2002-06 Vulnerabilities in Various Implementations of the RADIUS Protocol. On March 4 2002, CERT (www.cert.org) released an advisory (CA-2002-06 http://www.cert.org/advisories/CA-2002-06.html) on security problems with a number of Radius servers.

We are pleased to report that OSC’s Radiator Radius server is not vulnerable to either of the security problems reported in that Advisory.

Radiator is written in Perl, a high level language which is less vulnerable to the kinds of security problems described in the Advisory. Radiator was developed completely independently of any other Radius implementation, and therefore has not inherited the reported faulty code.

Many of the Radius implementations mentioned in the Advisory are based on a common C code base that was originally provide as freeware over 5 years ago. Radiator does not use any of this code.

Radiator is the highly flexible, configurable and extensible Radius server from Open System Consultants. Designed from the ground up it offer features and options not found in any other Radius server, it uses the latest Object Oriented technology to achieve superior reliability and flexibility.

Open System Consultants is a private software company based in Australia, founded in 1992. It provides world class products for telecommunications companies, ISPs, and Corporate networks.