1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source4
Luke Howard 0cb4b939f1 CVE-2021-3671 HEIMDAL kdc: validate sname in TGS-REQ
In tgs_build_reply(), validate the server name in the TGS-REQ is present before
dereferencing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14770

[abartlet@samba.org backported from from Heimdal
commit 04171147948d0a3636bc6374181926f0fb2ec83a via reference
to an earlier patch by Joseph Sutton]

RN: An unuthenticated user can crash the AD DC KDC by omitting the server name in a TGS-REQ

Reviewed-by: Andreas Schneider <asn@samba.org>
2021-09-02 13:41:28 +00:00
..
auth pygensec: Don't modify Python bytes objects 2021-08-18 22:28:33 +00:00
build/pasn1
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server dns update: zero flags and reserved 2021-07-05 04:16:34 +00:00
dsdb selftest: Replace internal loop in test_uac_bits_set() using @DynamicTestClass 2021-09-02 05:03:31 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
heimdal CVE-2021-3671 HEIMDAL kdc: validate sname in TGS-REQ 2021-09-02 13:41:28 +00:00
heimdal_build heimdal_build: Improve error and warning handling on old and new compilers 2021-06-16 14:43:17 +00:00
include lib: Remove global xfile.h includes 2016-11-20 06:23:19 +01:00
kdc mit-kdc: Remove build time support for KDB_API < 10 2021-08-26 07:05:44 +00:00
ldap_server s4:ldap_server: Use cli_credentials_init_server() 2021-04-09 10:46:28 +00:00
lib s4:lib: Remove obsolete popt cmdline parser 2021-06-20 23:26:32 +00:00
libcli auth:creds: Add obtained arg to cli_credentials_set_gensec_features() 2021-04-28 03:43:34 +00:00
libnet s4:libnet: Allow libnet_SetPassword() for encrypted SMB connections 2021-08-03 09:28:38 +00:00
librpc netlogon:schannel: If weak crypto is disabled, do not announce RC4 support. 2021-08-03 09:28:38 +00:00
nbt_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs s4: ntvfs: Missed comma in 24c09f913d, string would be concatenated. 2021-08-25 18:02:05 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server netlogon:schannel: If weak crypto is disabled, do not announce RC4 support. 2021-08-03 09:28:38 +00:00
samba s4:samba: Migrate samba daemon to new cmdline option parser 2021-04-29 03:58:37 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gpo: Add Group Policy Firefox Extension 2021-08-30 21:57:09 +00:00
selftest tests/krb5: Add FAST tests 2021-08-18 23:20:13 +00:00
setup s4:samba: Migrate samba daemon to new cmdline option parser 2021-04-29 03:58:37 +00:00
smb_server s4:samba: Migrate samba daemon to new cmdline option parser 2021-04-29 03:58:37 +00:00
torture s4: torture: CHECK ret value and fail if false 2021-08-19 16:14:30 +00:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind s3: Remove --log-stdout from daemons 2021-04-29 03:58:37 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00