git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 51aa7bd) | patch
CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY
authorStefan Metzmacher <metze@samba.org>
Tue, 14 Jul 2015 07:13:00 +0000 (09:13 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:27 +0000 (19:25 +0200)
commit80dae9afda18724935c2ab006db509ddbb8a66e5
tree2ebd73e22434ab0cef718fb69b3f5db729407cf6tree
parent51aa7bd3115d2962bc2f6f8c1ea2fa80998d119fcommit | diff
CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY

This matches windows and prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
selftest/knownfail diff | blob | history
source4/rpc_server/drsuapi/dcesrv_drsuapi.c diff | blob | history
source4/selftest/tests.py diff | blob | history
Samba Shared Repository