sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
4a31c48057
samba-mirror/source4
History
Joseph Sutton 4a31c48057 CVE-2022-32745 s4/dsdb/util: Use correct value for loop count limit 
Currently, we can crash the server by sending a large number of values
of a specific attribute (such as sAMAccountName) spread across a few
message elements. If val_count is larger than the total number of
elements, we get an access beyond the elements array.

Similarly, we can include unrelated message elements prior to the
message elements of the attribute in question, so that not all of the
attribute's values are copied into the returned elements values array.
This can cause the server to access uninitialised data, likely resulting
in a crash or unexpected behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15008

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2022-07-27 10:52:36 +00:00
..
auth s4-auth: For LDAP simple bind, fall back to checking the ENCTYPE_AES256_CTS_HMAC_SHA1_96 if stored 2022-06-26 22:10:29 +00:00
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4:client: Reformat shell scripts 2022-07-08 09:05:56 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
dsdb CVE-2022-32745 s4/dsdb/util: Use correct value for loop count limit 2022-07-27 10:52:36 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
include lib: Remove smb_threads from includes.h 2022-04-26 21:41:29 +00:00
kdc s4:mitkdc: Always set SDB_F_FOR_{TGS,AS}_REQ flag for DAL >= 9 2022-07-04 12:22:16 +00:00
ldap_server ldap_server: Fix typos 2022-04-26 21:41:29 +00:00
lib CVE-2022-32746 s4/registry: Use LDB_FLAG_MOD_TYPE() for flags equality check 2022-07-27 10:52:36 +00:00
libcli lib/util: Change function to mem_equal_const_time() 2022-06-09 22:49:29 +00:00
libnet s4:libnet: avoid using sdb_entry_ex and use sdb_entry directly 2022-03-24 09:19:33 +00:00
librpc s4:librpc: Reformat shell scripts 2022-07-08 09:05:56 +00:00
nbt_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs librpc: Add named_pipe_auth_req_info5->transport 2021-12-10 14:02:30 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
samba Happy New Year 2022! 2022-01-01 01:24:21 +00:00
script s4:script: Reformat shell scripts 2022-07-08 09:05:56 +00:00
scripting gpo: samba-gpupdate use s3 param for registry conf 2022-07-22 20:40:51 +00:00
selftest s4:torture: Rename rpc.samr.passwords tests 2022-07-15 13:28:37 +00:00
setup s4:setup: Reformat shell scripts 2022-07-15 12:08:36 +00:00
smb_server s4:smb_server: don't set mapped_state explicitly in auth_usersupplied_info 2022-03-10 03:16:35 +00:00
torture CVE-2022-32746 s4:torture: Fix LDB flags comparison 2022-07-27 10:52:36 +00:00
utils s4:utils: Reformat shell scripts 2022-07-08 09:59:19 +00:00
winbind CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00