git.samba.org - vlendec/samba-autobuild/.git/commit

git.samba.org / vlendec / samba-autobuild / .git / commit

author	Stefan Metzmacher <metze@samba.org>
	Tue, 24 Nov 2015 20:24:47 +0000 (21:24 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 12 Apr 2016 17:25:23 +0000 (19:25 +0200)
commit	8a647ae1e1c355f48b0d2a5a6c8bb0105e3d2318
tree	ca971981fc4ede9e18e113d8892a57e142fb090d	tree
parent	8cd1a2a118b544af7d08a3b79cdbd09384d86af3	commit \| diff

CVE-2016-2110: auth/credentials: clear the LMv2 key for NTLMv2 in cli_credentials_get_ntlm_response()

If we clear CLI_CRED_LANMAN_AUTH and we should also clear the lm_response buffer
and don't send it over the net.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

auth/credentials/credentials_ntlm.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom