#4441 [RFE] Avoid OTP local race conditions
Closed: Duplicate None Opened 10 years ago by npmccallum.

Currently, it is possible to simultaneously execute multiple authentications against a server. This may cause race conditions with the HOTP counter or (less likely) the TOTP watermark. It may also permit a rapid replay attack.


4.1 should address at least this concern.

I opened a newer bug. Sorry closing the older one as a dup of a newer one #4493.

Metadata Update from @npmccallum:
- Issue assigned to npmccallum
- Issue set to the milestone: FreeIPA 4.1

7 years ago

Log in to comment on this ticket.

Metadata