[cifs-protocol] Anonymous access to lsarpc changes (LSA Spoofing): Can I please get any doc updates for https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26925
Andrew Bartlett
abartlet at samba.org
Tue May 10 21:42:53 UTC 2022
Kia Ora Dochelp,
Can you please point me at the protocol Doc updates for CVE-2022-26925
please, as no errata is showing at
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-winprotlp/8a9c667b-2825-46a8-8066-a80681233c33 and I believe it is important for Samba to be able to mitigate
this issue also.
I have long wanted to lock down anonymous access to Samba's RPC
services and I think this might allow us to do so in a way that matches
windows, so details of the protocol visible changes would be most
helpful.
Thanks!
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the cifs-protocol
mailing list