samba-mirror/libcli at 912cc29a9950d6385f4e372b5141900f87a464b7 - samba-mirror - Gitea: Git with a cup of tea

IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to Administrator. User accounts are meant only to access repo and report issues and/or generate pull requests. This is a purpose-specific Git hosting for BaseALT projects. Thank you for your understanding!

Только зарегистрированные пользователи имеют доступ к сервису! Для получения аккаунта, обратитесь к администратору.

sin/samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-02-08 05:57:51 +03:00

History

Stefan Metzmacher bffdfb129c CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()

This implements the note from MS-NRPC 3.1.4.1 Session-Key Negotiation:

 7. If none of the first 5 bytes of the client challenge is unique, the
    server MUST fail session-key negotiation without further processing of
    the following steps.

It lets ./zerologon_tester.py from
https://github.com/SecuraBV/CVE-2020-1472.git
report: "Attack failed. Target is probably patched."

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

[dbagnall@samba.org, abartlet@samba.org: wscript_build backport
differs because 4.10 has no gnutls dependency]

2020-09-18 12:58:23 +02:00

..

CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()

2020-09-18 12:58:23 +02:00

CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode

2020-04-21 10:21:09 +02:00

lib: Initialize getline() arguments

2019-05-16 10:37:49 +00:00

drsuapi: Use the zlib version of crc32

2018-10-09 22:32:12 +02:00

s4: torture: Change torture_register_suite() to add a TALLOC_CTX *.

2017-05-05 15:52:11 +02:00

CVE-2020-10704 libcli ldap: Check search request lengths.

2020-04-21 10:21:09 +02:00

libcli/lsarpc: add struct trustAuthInOutBlob; forward declaration

2014-04-02 09:03:42 +02:00

named_pipe_auth

Fix spelling s/conection/connection/

2018-05-12 02:09:26 +02:00

CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packet

2020-06-25 13:04:45 +02:00

libcli/netlogon: We need to handle a bug in FreeIPA (at least <= 4.1.2).

2015-01-05 17:01:08 +01:00

build: Make util_reg subsystem in libcli/registry a library

2011-05-18 16:12:08 +02:00

libcli: Use "all_zero" where appropriate

2017-01-03 16:04:28 +01:00

libcli/security: fix handling of deny type ACEs in access_check_max_allowed()

2019-03-11 07:55:38 +00:00

libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID

2019-09-11 11:33:00 +00:00

libcli:smbreadline: Use #ifdef instead of #if for config.h definitions

2018-11-28 23:19:22 +01:00

Fix spelling mistakes

2018-11-30 03:35:13 +01:00