1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source3/utils
Ralph Boehme 2eabbe31f6 CVE-2022-2127: ntlm_auth: cap lanman response length value
We already copy at most sizeof(request.data.auth_crap.lm_resp) bytes to the
lm_resp buffer, but we don't cap the length indicator.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15072

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-14 15:16:16 +02:00
..
async-tracker.c s3/async-tracker: don't ignore unknown options 2021-09-10 15:10:30 +00:00
clirap2.c lib: Move push_skip_string() to clirap2.c 2020-05-05 11:48:39 +00:00
clirap2.h libsmb: Move clirap2.c to utils/ 2020-04-18 04:12:48 +00:00
conn_tdb.c s3:utils: assign ids to struct to list shares correctly 2022-03-08 11:31:47 +00:00
conn_tdb.h smbd: Remove unused "struct connections_key" 2021-11-11 19:08:37 +00:00
dbwrap_tool.c s3:utils: Migrate dbwrap_tool to new cmdline option parser 2021-05-25 00:23:37 +00:00
dbwrap_torture.c s3:utils: Migrate dbwrap_torture to new cmdline option parser 2021-05-25 00:23:37 +00:00
destroy_netlogon_creds_cli.c CVE-2022-38023 libcli/auth: pass lp_ctx to netlogon_creds_cli_set_global_db() 2022-12-14 10:28:16 +00:00
eventlogadm.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
interact.c
interact.h
log2pcaphex.c log2pcaphex: don't ignore unknown options 2021-09-10 15:10:30 +00:00
mdsearch.c s3/utils: Add missing poptFreeContext 2022-10-19 08:39:17 +00:00
mvxattr.c mvxattr: don't ignore unknown options 2021-09-10 15:10:30 +00:00
net_ads_gpo.c s3-net: disable net_ads_gpo_apply() and net_ads_gpo_refresh() 2020-05-26 09:56:39 +00:00
net_ads_join_dns.c samba-tool: Create DNS entries on member join 2021-12-06 22:08:31 +00:00
net_ads.c CVE-2022-37966 s3:net_ads: let 'net ads enctypes list' pretty print AES256-SK and RESOURCE-SID-COMPRESSION-DISABLED 2022-12-14 10:28:17 +00:00
net_afs.c
net_afs.h
net_cache.c
net_conf_util.c
net_conf_util.h
net_conf.c s3:util:net_conf - allow empty path for [homes] 2020-09-24 21:41:12 +00:00
net_dns.c build: Consolidate --with-dnsupdate with --with-ads (which implied HAVE_KRB5) 2021-03-26 04:06:41 +00:00
net_dns.h build: Consolidate --with-dnsupdate with --with-ads (which implied HAVE_KRB5) 2021-03-26 04:06:41 +00:00
net_dom.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_eventlog.c
net_file.c
net_g_lock.c net: Add g_lock dumpall 2020-05-05 11:48:39 +00:00
net_group.c
net_groupmap.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
net_help_common.c lib/cmdline: restore s3 option name --max-protocol for MAXPROTOCOL from 4.14 2021-09-10 15:10:30 +00:00
net_help_common.h
net_help.c
net_idmap_check.c
net_idmap_check.h
net_idmap.c lib: relicense smb_strtoul(l) under LGPLv3 2020-08-03 22:21:02 +00:00
net_join.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_lookup.c net: Use dns_rr_srv->ss_s in "net lookup ldap" 2020-12-11 18:29:32 +00:00
net_notify.c
net_offlinejoin.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_printing.c
net_proto.h CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_rap.c libsmb: Move clirap2.c to utils/ 2020-04-18 04:12:48 +00:00
net_registry_check.c net: Align a few integer types 2022-01-18 20:22:38 +00:00
net_registry_check.h
net_registry_util.c
net_registry_util.h
net_registry.c lib: relicense smb_strtoul(l) under LGPLv3 2020-08-03 22:21:02 +00:00
net_rpc_audit.c
net_rpc_conf.c net: Return share name in correct case from net rpc conf showshare 2019-05-23 23:26:14 +00:00
net_rpc_printer.c printing: move archi_table declarations into nt_printing.h 2020-10-17 09:22:31 +00:00
net_rpc_registry.c lib: relicense smb_strtoul(l) under LGPLv3 2020-08-03 22:21:02 +00:00
net_rpc_rights.c net: Align some integer types 2021-08-06 17:22:30 +00:00
net_rpc_samsync.c net: Use dom_sid_str_buf 2018-12-20 23:40:23 +01:00
net_rpc_service.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
net_rpc_sh_acct.c
net_rpc_shell.c s3:utils: Use connection and credentials parser in net util 2021-05-28 02:55:31 +00:00
net_rpc_trust.c s3:net: always set ctx->opt_user_specified = true when we overwrite opt_user_name 2020-05-28 06:43:37 +00:00
net_rpc.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_sam.c source3: move lib/substitute.c functions out of proto.h 2021-11-11 13:49:32 +00:00
net_serverid.c smbd: Give smbXsrv_open.c its own header file 2021-11-11 19:08:37 +00:00
net_share.c net rpc share allowedusers: Allow restricting shares 2018-11-30 03:35:13 +01:00
net_status.c smbd: Remove unused "struct connections_key" 2021-11-11 19:08:37 +00:00
net_tdb.c net_tdb: Use share_mode_data_dump() 2020-11-10 19:49:35 +00:00
net_time.c s3/utils: net time always hardcoded to use SMB1 2019-12-05 17:14:46 +00:00
net_user.c
net_usershare.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
net_util.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net_vfs.c smbd: NULL out "fsp" in close_file() 2022-02-14 17:46:14 +00:00
net.c CVE-2022-38023 s3:net: add and use net_warn_member_options() helper 2022-12-14 10:28:16 +00:00
net.h s3:utils: Add cli_credentials and loadparm_context to net_context 2021-05-28 02:55:31 +00:00
netlookup.c s3:libsmb: Remove signing_state from cli_full_connection_creds() 2020-08-19 16:22:42 +00:00
nmblookup.c nmblookup: don't ignore unknown options 2021-09-10 15:10:30 +00:00
ntlm_auth_diagnostics.c CVE-2020-25717: s3:ntlm_auth: start with authoritative = 1 2021-11-09 19:45:32 +00:00
ntlm_auth_proto.h
ntlm_auth.c CVE-2022-2127: ntlm_auth: cap lanman response length value 2023-07-14 15:16:16 +02:00
ntlm_auth.h
passwd_proto.h lib: Make stdin_new_passwd() static 2019-12-02 21:23:34 +00:00
passwd_util.c lib: Remove duplicate get_pass() prototypes 2019-12-02 21:23:34 +00:00
pdbedit.c s3/utils: Check return of talloc_strdup 2022-10-19 08:39:17 +00:00
profiles.c profiles: don't ignore unknown options 2021-09-10 15:10:30 +00:00
py_net.c s3/util/py_net.c: fix samba-tool domain join&leave segfault 2022-08-08 10:32:22 +00:00
py_net.h s3: Add s3 net python bindings 2021-04-21 20:51:31 +00:00
regedit_dialog.c lib: relicense smb_strtoul(l) under LGPLv3 2020-08-03 22:21:02 +00:00
regedit_dialog.h
regedit_hexedit.c s3:utils: Fix format error 2021-10-04 10:43:37 +00:00
regedit_hexedit.h
regedit_list.c
regedit_list.h
regedit_samba3.c
regedit_treeview.c
regedit_treeview.h
regedit_valuelist.c
regedit_valuelist.h
regedit_wrap.c
regedit.c regedit: don't ignore unknown options 2021-09-10 15:10:30 +00:00
regedit.h
sharesec.c sharesec: don't ignore unknown options 2021-09-10 15:10:30 +00:00
smbcacls.c smbcacls: don't ignore unknown options 2021-09-10 15:10:30 +00:00
smbcontrol.c smbcontrol: Add rpc-dump-status 2021-12-10 14:02:30 +00:00
smbcquotas.c smbcquotas: don't ignore unknown options 2021-09-10 15:10:30 +00:00
smbfilter.c lib: Properly return errno from open_socket_in() 2021-03-19 07:09:37 +00:00
smbget.c s3: smbget: Fix auth_fn, order of //server/share parameters is mixed in prompt. 2022-04-15 13:46:10 +00:00
smbpasswd.c lib: Remove init_names() 2021-03-16 17:09:32 +00:00
smbtree.c smbtree: don't ignore unknown options 2021-09-10 15:10:30 +00:00
split_tokens.c split_tokens: don't ignore unknown options 2021-09-10 15:10:30 +00:00
status_profile_dummy.c
status_profile.c
status_profile.h
status.c smbd: Remove unused "struct connections_key" 2021-11-11 19:08:37 +00:00
testparm.c CVE-2022-37966 testparm: warn about 'kerberos encryption types = legacy' 2022-12-14 10:28:16 +00:00
wscript_build build: Add missing dependency on addns 2021-12-09 06:55:33 +00:00