git.samba.org - ambi/samba-autobuild/.git/commit

git.samba.org / ambi / samba-autobuild / .git / commit

author	Stefan Metzmacher <metze@samba.org>
	Tue, 1 Dec 2015 14:01:09 +0000 (15:01 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 12 Apr 2016 17:25:22 +0000 (19:25 +0200)
commit	dc6e28d69a7fcc299c08e4368d8f137e6b59ed3a
tree	507f112aa5af287e71f4027fbbb7ca50725ec3a1	tree
parent	7a6b3efdc6451c3cbb157ad8d808f86d154625dd	commit \| diff

CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH

man smb.conf says "client ntlmv2 auth = yes" the default disables,
"client lanman auth = yes":

  ...
  Likewise, if the client ntlmv2 auth parameter is enabled, then only NTLMv2
  logins will be attempted.
  ...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

auth/ntlmssp/ntlmssp_client.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom