1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

CVE-2016-2111: s4:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This commit is contained in:
Stefan Metzmacher 2015-08-07 13:33:17 +02:00
parent d4a64baf91
commit 5fe7085e3b

View File

@ -993,6 +993,16 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
break;
case 6:
if (dce_call->conn->auth_state.auth_info == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
if (dce_call->conn->auth_state.auth_info->auth_level !=
DCERPC_AUTH_LEVEL_PRIVACY)
{
return NT_STATUS_INVALID_PARAMETER;
}
nt_status = auth_convert_user_info_dc_saminfo3(mem_ctx,
user_info_dc,
&sam3);