1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4
Ralph Boehme 92d014bc44 CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key()
Sends a maliciously crafted packet where the value in a key/value style
dictionary for the "scope" key is a simple string object whereas the server
expects an array. As the server doesn't perform type validation on the value, it
crashes when trying to use the "simple" object as a "complex" one.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15341

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-14 15:16:26 +02:00
..
auth CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-12-12 15:52:22 +00:00
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4/cifsdd: don't ignore unknown options 2021-09-10 15:10:30 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
dsdb CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTED 2023-03-20 10:03:38 +01:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
include lib: Remove global xfile.h includes 2016-11-20 06:23:19 +01:00
kdc CVE-2022-37966 s4:kdc: apply restrictions of "kdc supported enctypes" 2022-12-14 10:28:17 +00:00
ldap_server s4:ldap_server: let ldapsrv_call_writev_start use conn_idle_time to limit the time 2022-10-31 14:30:09 +00:00
lib s4:lib/messaging: fix interaction between imessaging_context_destructor and irpc_destructor 2023-01-13 10:31:22 +00:00
libcli s4: libcli: Ignore errors when getting A records after fetching AAAA records. 2023-01-16 10:47:49 +00:00
libnet CVE-2022-37966 s4:libnet: allow python bindings to force setting an nthash via SAMR level 18 2022-12-14 10:28:17 +00:00
librpc blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test 2022-01-30 11:52:27 +00:00
nbt_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs librpc: Add named_pipe_auth_req_info5->transport 2021-12-10 14:02:30 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2022-38023 s4:rpc_server/netlogon: Move schannel and credentials check functions to librpc 2023-01-23 10:01:59 +00:00
samba Happy New Year 2022! 2022-01-01 01:24:21 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gp: Apply Firewalld Policy 2021-11-01 21:16:43 +00:00
selftest CVE-2023-0614 lib/ldb-samba: Add test for SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN with and ACL hidden attributes 2023-03-20 10:03:38 +01:00
setup CVE-2023-0614 ldb: Prevent disclosure of confidential attributes 2023-03-20 10:03:38 +01:00
smb_server s4:smb_server: don't set mapped_state explicitly in auth_usersupplied_info 2022-03-16 13:41:14 +00:00
torture CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key() 2023-07-14 15:16:26 +02:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00