CVE-2020-25722 s4/dsdb/samldb _user_account_control_change() always add final value
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Wed, 20 Oct 2021 04:15:43 +0000 (17:15 +1300)
committer Jule Anger <janger@samba.org>
Tue, 9 Nov 2021 19:45:33 +0000 (19:45 +0000)
commit 74623b644d61ce02d0f09fe70b2743a790e0375c
tree 5ea5b00560c1a24f393d9fa15f87b727d952b546
parent bdfcea484ef3ba868be185b01206ed29fedb1861
CVE-2020-25722 s4/dsdb/samldb _user_account_control_change() always add final value

dsdb_get_single_valued_attr() was finding the last non-delete element for
userAccountControl and changing its value to the computed value.
Unfortunately, the last non-delete element might not be the last element,
and a subsequent delete might remove it.

Instead we just add a replace on the end.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14876

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/dsdb/samdb/ldb_modules/samldb.c
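
The ordering problem the commit message describes, as an added example (a simplified model, not code from Samba or from this commit). It assumes the elements of a modify request for one single-valued attribute are applied strictly in order and that a delete removes the attribute; the types, function names and values are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model (assumption): not Samba/LDB code. */
enum op { OP_ADD, OP_REPLACE, OP_DELETE };
struct elem { enum op op; unsigned value; };

/* Apply elements in order; returns 1 and sets *out if a value remains. */
static int apply(const struct elem *e, size_t n, unsigned *out)
{
	int present = 0;
	for (size_t i = 0; i < n; i++) {
		if (e[i].op == OP_DELETE) {
			present = 0;          /* attribute removed */
		} else {
			present = 1;          /* add/replace sets the value */
			*out = e[i].value;
		}
	}
	return present;
}

/* Old approach: overwrite the last non-delete element in place. */
static size_t patch_last_non_delete(struct elem *e, size_t n, unsigned computed)
{
	for (size_t i = n; i-- > 0; ) {
		if (e[i].op != OP_DELETE) { e[i].value = computed; break; }
	}
	return n;
}

/* Fixed approach: always append a replace carrying the computed value. */
static size_t append_replace(struct elem *e, size_t n, unsigned computed)
{
	e[n].op = OP_REPLACE;
	e[n].value = computed;
	return n + 1;
}

/* Constructed request: a replace followed by a delete of the attribute. */
static int final_value(int fixed, unsigned computed, unsigned *out)
{
	struct elem msg[3] = { { OP_REPLACE, 0x1000 }, { OP_DELETE, 0 } };
	size_t n = fixed ? append_replace(msg, 2, computed)
			 : patch_last_non_delete(msg, 2, computed);
	return apply(msg, n, out);
}

int main(void)
{
	unsigned v = 0;
	printf("old: present=%d\n", final_value(0, 512, &v));
	printf("new: present=%d value=%u\n", final_value(1, 512, &v), v);
	return 0;
}
```

In the model, the in-place patch leaves no value at all once the trailing delete is applied, while the appended replace is the last element applied and so determines the stored value.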