mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".
This fixes a regression that came in via 00db3aba6c.
Found by Vivek Das <vdas@redhat.com> (Red Hat QE).
In order to demonstrate simply run:
smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no
against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
parent
c88f7795b3
commit
c25460ee1f
@ -572,7 +572,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
|
||||
- I think this is related to Win9X pass-though authentication
|
||||
*/
|
||||
DEBUG(4,("ntlm_password_check: Checking NT MD4 password in LM field\n"));
|
||||
if (ntlm_auth) {
|
||||
if (ntlm_auth == NTLM_AUTH_ON) {
|
||||
if (smb_pwd_check_ntlmv1(mem_ctx,
|
||||
lm_response,
|
||||
stored_nt->hash, challenge,
|
||||
|
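Review bot: The condition `if (ntlm_auth == NTLM_AUTH_ON)` (the new side, going by the commit message) has no comment explaining why a plain truthiness test on `ntlm_auth` is wrong here, and the comment above it only speculates about Win9X pass-through. Per the commit message, a server set to `ntlm auth = ntlmv2-only` must not reach `smb_pwd_check_ntlmv1()` through this LM-field path, so I would add `/* NTLMv1 response in the LM field: accept only when "ntlm auth" is fully on; any other level (e.g. ntlmv2-only) must not take this branch */` directly above the `if`. The rest of ntlm_password_check starts and ends outside this hunk, so it is worth confirming that no other branch there still tests `ntlm_auth` for truthiness. It is also worth checking that the refused case is logged at a level operators can use to spot NTLMv1 downgrade attempts.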
@ -304,8 +304,9 @@
|
||||
^samba4.smb.signing.*disabled.*signing=off.*\(ad_dc\)
|
||||
# fl2000dc doesn't support AES
|
||||
^samba4.krb5.kdc.*as-req-aes.*fl2000dc
|
||||
# nt4_member and ad_member don't support ntlmv1
|
||||
# nt4_member and ad_member don't support ntlmv1 (not even over SMB1)
|
||||
^samba3.blackbox.smbclient_auth.plain.*_member.*option=clientntlmv2auth=no.member.creds.*as.user
|
||||
^samba3.blackbox.smbclient_auth.plain.*_member.*option=clientntlmv2auth=no.*mNT1.member.creds.*as.user
|
||||
#nt-vfs server blocks read with execute access
|
||||
^samba4.smb2.read.access
|
||||
#ntvfs server blocks copychunk with execute access on read handle
|
||||
|
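Review bot: The added knownfail pattern ending in `.*mNT1.member.creds.*as.user` only records that the SMB1/NTLMv1 smbclient run fails on the `_member` environments; it does not pin why it fails. A known-fail entry is presumably satisfied by any failure, including a connection or share error, so on its own it cannot tell a policy rejection of NTLMv1 from a broken test setup. If the blackbox script (not shown on this page) can assert the expected logon-failure status for this case, that would be stronger regression coverage for CVE-2018-1139 than the knownfail entry alone.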
@ -1,2 +0,0 @@
|
||||
^samba.unittests.ntlm_check.test_ntlm_mschapv2_only_denied
|
||||
^samba.unittests.ntlm_check.test_ntlmv2_only_ntlm\(
|