[cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280

Andrew Bartlett abartlet at samba.org
Wed Apr 10 02:42:12 UTC 2024 

Thanks Jeff, looking forward to hearing from your team.
Andrew,
On Wed, 2024-04-10 at 01:20 +0000, Jeff McCashland (He/him) via cifs-
protocol wrote:
> Sending again, as I received an error that the Samba server rejected
> my message as spam. 
> 
> 
> 
> 
> 
> 
> 
> Thank you for your question. We have created SR 2404100040000280 to
> track this issue. One of our engineers will respond soon. 
> 
> 
> 
> 
> 
> 
> 
> Best regards,
> 
> 
> Jeff McCashland (He/him)
> | Senior Escalation Engineer | Microsoft Protocol Open Specifications
> Team
> 
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-
> 08:00) Pacific Time (US and Canada)
> 
> Local country phone number found here:
> http://support.microsoft.com/globalenglish |
>  Extension 1138300
> 
>  
> 
> 
> 
> 
> 
> 
> 
> 
> From: Jeff McCashland (He/him) <jeffm at microsoft.com>
> 
> Sent: Tuesday, April 9, 2024 6:13 PM
> 
> To: Andrew Bartlett <abartlet at samba.org>
> 
> Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>;
> Microsoft Support <supportmail at microsoft.com>
> 
> Subject: [MS-KILE] PAC Validation changes related to CVE-2024-26248
> and CVE-2024-29056 - TrackingID#2404100040000280
> 
>  
> 
> 
> [DocHelp to BCC, support on CC, Updated Subject w/SR ID]
> 
> 
> 
> 
> 
> 
> 
> Hi Andrew,
> 
> 
> 
> 
> 
> 
> 
> Thank you for your question. We have created SR 2404100040000280 to
> track this issue. One of our engineers will respond soon. 
> 
> 
> 
> 
> 
> 
> Best regards,
> 
> Jeff McCashland (He/him)
> | Senior Escalation Engineer | Microsoft Protocol Open Specifications
> Team
> 
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-
> 08:00) Pacific Time (US and Canada)
> 
> Local country phone number found here:
> http://support.microsoft.com/globalenglish |
>  Extension 1138300
> 
>  
> 
> 
> 
> 
> 
> 
> 
> 
> From: Andrew Bartlett <abartlet at samba.org>
> 
> Sent: Tuesday, April 9, 2024 4:52 PM
> 
> To: Interoperability Documentation Help <dochelp at microsoft.com>
> 
> Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>
> 
> Subject: [EXTERNAL] Looking for missing documentation (MS-KILE?) for
> CVE-2024-21427, CVE-2024-20674 and PAC signature changes
> 
>  
> 
> Kia Ora Dochelp,
> 
> 
> 
> Recently I saw "KB5037754: How to manage PAC Validation changes
> related
> 
> to CVE-2024-26248 and CVE-2024-29056" was published.
> 
> 
> 
> Can I have a pointer to the new NETLOGON behaviour and the new
> 
> structures for the SamLogon PAC validation, and the new required
> 
> behaviours so a Samba AD DC can handle this?
> 
> 
> 
> I don't see any errata that looks relevant yet.
> 
> 
> 
> Thanks,
> 
> 
> 
> Andrew Bartlett
> 
> --
> 
> 
> 
> Andrew Bartlett (he/him)       
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abartlet%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148287662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=DoJv%2Fk%2FvbO065BiRFszlshQA22xOg48Dog5Slvkf%2BwU%3D&reserved=0
> 
> Samba Team Member (since 2001) 
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148294830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=iqXfl5Npw3y8oT3gCVqhg1tMa7RBaWrmDS1yNY%2FDhS8%3D&reserved=0
> 
> Samba Team Lead                
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148298984%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=7iA%2F%2FgX1QA6n04F9d7nsyTdPCEYJ1abbGket9g4b1E8%3D&reserved=0
> 
> Catalyst.Net Ltd
> 
> 
> 
> 
> 
> Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
> 
> company
> 
> 
> 
> Samba Development and Support: 
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148301821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=NvjLgvKGmHyq%2FQkJX2DrxX62nsmQEa4G4e%2BzkgRCMJc%3D&reserved=0
> 
> 
> 
> Catalyst IT - Expert Open Source Solutions
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________cifs-protocol mailing 
> listcifs-protocol at lists.samba.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead                https://catalyst.net.nz/services/samba
Catalyst.Net Ltd


Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company

Samba Development and Support: https://catalyst.net.nz/services/samba

Catalyst IT - Expert Open Source Solutions



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20240410/f504d7c7/attachment.htm>

More information about the cifs-protocol mailing list