CVE-2016-2111: s3:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
authorStefan Metzmacher <metze@samba.org>
Wed, 9 Dec 2015 12:12:43 +0000 (13:12 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:24 +0000 (19:25 +0200)
commit93e3f25d42c1e3501bb70fec93fa014854f0afe0
tree6c4a5f6396f771dc7ca74351e2942ef662f1cfe2
parentfb20f135f0e6808b2173bf89389df03f23472e71
CVE-2016-2111: s3:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA

This prevents spoofing like Microsoft's CVE-2015-0005.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
source3/rpc_server/netlogon/srv_netlog_nt.c