sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code
samba-mirror/source4/auth/ntlm
History
Stefan Metzmacher 1414269dcc CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 
This fixes a use after free problem introduced by
commit 7b8e32efc336fb728e0c7e3dd6fbe2ed54122124,
which has msg = current; which means the lifetime
of the 'msg' memory is no longer in the scope of th
caller.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-11-24 11:01:37 +00:00
..
auth_anonymous.c
auth4: Make auth_anonymous pseudo-async
2021-04-16 09:38:35 +00:00
auth_developer.c
CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info
2022-07-27 10:52:36 +00:00
auth_sam.c
CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting()
2022-11-24 11:01:37 +00:00
auth_server_service.c
auth: Use DBGC_AUTH as DBGC_CLASS for AD DC NTLM auth code.
2018-05-21 23:48:18 +02:00
auth_simple.c
s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names
2022-03-10 04:10:54 +00:00
auth_util.c
s4:auth: encrypt_user_info() should set password_state instead of mapped_state
2022-03-10 03:16:35 +00:00
auth_winbind.c
CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting()
2022-11-24 11:01:37 +00:00
auth.c
s4:auth: check for user_info->mapped.account_name if it needs to be filled
2022-03-10 03:16:35 +00:00
wscript_build
s4-auth: For LDAP simple bind, fall back to checking the ENCTYPE_AES256_CTS_HMAC_SHA1_96 if stored
2022-06-26 22:10:29 +00:00