1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source4
Stefan Metzmacher def00193c5 CVE-2015-5370: s4:librpc/rpc: protect dcerpc_request_recv_data() against too large payloads
We should only allow a combined payload of a response of at max 4 MBytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
..
auth CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash() 2016-04-12 19:25:23 +02:00
build/pasn1
cldap_server Avoid including libds/common/roles.h in public loadparm.h header. 2016-01-13 04:43:23 +01:00
client s4/client/cifsdd.c: typo 2016-03-10 00:08:11 +01:00
cluster Remove callers of lp_use_ntdb 2015-03-17 11:30:51 +01:00
dns_server build: mark explicit dependencies on pytalloc-util 2016-03-15 07:08:16 +01:00
dsdb VLV: avoid name conflict with string.h's index() 2016-03-30 14:26:51 +02:00
echo_server Avoid including libds/common/roles.h in public loadparm.h header. 2016-01-13 04:43:23 +01:00
heimdal s4/heimdal/lib/krb5/pac.c: typo 2016-03-10 03:33:46 +01:00
heimdal_build s4:heimdal_build: also use check_system_heimdal_lib() for "com_err" 2015-10-31 22:03:14 +01:00
include lib/util: Include DEBUG macro in internal header files before samba_util.h 2015-03-11 18:47:22 +01:00
kdc mit-kdb: Add missing SDB_F_FOR_AS_REQ for AS requests 2016-03-17 07:57:49 +01:00
ldap_server CVE-2016-2112: s4:ldap_server: implement "ldap server require strong auth" option 2016-04-12 19:25:25 +02:00
lib CVE-2016-2113: s4:lib/tls: implement infrastructure to do peer verification 2016-04-12 19:25:25 +02:00
libcli CVE-2016-2115: s4:libcli/raw: pass the minprotocol to smb_raw_negotiate*() 2016-04-12 19:25:26 +02:00
libnet s4-libnet: Link dckeytab.so correctly when is AD DC enabled 2016-03-24 15:12:21 +01:00
librpc CVE-2015-5370: s4:librpc/rpc: protect dcerpc_request_recv_data() against too large payloads 2016-04-12 19:25:29 +02:00
nbt_server dlist: remove unneeded type argument from DLIST_ADD_END() 2016-02-06 21:48:17 +01:00
ntp_signd build: Build with system md5.h on OpenIndiana 2013-06-19 21:32:36 +02:00
ntptr spoolss: make spoolss deal with ndr64 SetForm by using proper container object. 2013-01-17 17:11:37 +01:00
ntvfs configure: Don't check for inotify on illumos 2016-04-06 00:15:17 +02:00
param CVE-2016-2115: s4:libcli/raw: add smbcli_options.min_protocol 2016-04-12 19:25:26 +02:00
rpc_server CVE-2016-2118: s4:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY... 2016-04-12 19:25:28 +02:00
script find_unused_macros: Remove obsolete script that finds unused macros. 2014-08-31 21:21:13 +02:00
scripting s4:scripting/devel: make use of the generic arcfour_encrypt() and string_to_byte_array() functions 2016-02-03 08:33:11 +01:00
selftest CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY 2016-04-12 19:25:27 +02:00
setup build:wafsamba: Install named.conf only once 2015-11-16 11:48:14 +01:00
smb_server CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULT 2016-04-12 19:25:26 +02:00
smbd dlist: remove unneeded type argument from DLIST_ADD_END() 2016-02-06 21:48:17 +01:00
torture CVE-2016-2115: s4:libcli/raw: pass the minprotocol to smb_raw_negotiate*() 2016-04-12 19:25:26 +02:00
utils Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_auth 2016-03-11 22:58:18 +01:00
web_server python: Remove Python 2.4 support macros 2016-01-07 23:33:10 +01:00
winbind s4-winbindd: Remove the winbind rewrite from the samba4 effort 2015-06-24 22:34:57 +02:00
wrepl_server dlist: remove unneeded type argument from DLIST_ADD_END() 2016-02-06 21:48:17 +01:00
.clang_complete s3-build: Add .clang_complete. 2011-10-27 17:09:50 +02:00
.valgrind_suppressions
wscript_build Do not install smbclient4 and nmblookup4 2014-04-15 03:25:13 +02:00