[cifs-protocol] [EXTERNAL] Re: [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280
Jeff McCashland (He/him)
jeffm at microsoft.com
Fri Apr 12 17:59:46 UTC 2024
Hi Andrew,
Also, our security updates team would like to talk with you about the changes. Do you have some availability next week to meet? Teams or Zoom?
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
________________________________
From: Jeff McCashland (He/him) <jeffm at microsoft.com>
Sent: Friday, April 12, 2024 10:56 AM
To: Andrew Bartlett <abartlet at samba.org>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: Re: [EXTERNAL] Re: [cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280
Hi Andrew,
These changes were publshed in [MS-NRPC] and [MS-SPDS] on 4/9:
[MS-NRPC]: Netlogon Remote Protocol | Microsoft Learn<https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/ff8f970f-3e37-40f7-bd4b-af7336e4792f>
[MS-APDS]: Authentication Protocol Domain Support | Microsoft Learn<https://learn.microsoft.com/en-us/openspecs/windows_protocols/MS-APDS/dd444344-fd7e-430e-b313-7e95ab9c338e>
Let us know if the additions are incomplete.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
________________________________
From: Jeff McCashland (He/him) <jeffm at microsoft.com>
Sent: Thursday, April 11, 2024 2:00 PM
To: Andrew Bartlett <abartlet at samba.org>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: Re: [EXTERNAL] Re: [cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280
Hi Andrew,
I will research the question and let you know what I find.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
________________________________
From: Andrew Bartlett <abartlet at samba.org>
Sent: Tuesday, April 9, 2024 7:42 PM
To: Jeff McCashland (He/him) <jeffm at microsoft.com>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: [EXTERNAL] Re: [cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280
Thanks Jeff, looking forward to hearing from your team.
Andrew,
On Wed, 2024-04-10 at 01:20 +0000, Jeff McCashland (He/him) via cifs-protocol wrote:
Sending again, as I received an error that the Samba server rejected my message as spam.
Thank you for your question. We have created SR 2404100040000280 to track this issue. One of our engineers will respond soon.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
________________________________
From: Jeff McCashland (He/him) <jeffm at microsoft.com>
Sent: Tuesday, April 9, 2024 6:13 PM
To: Andrew Bartlett <abartlet at samba.org>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280
[DocHelp to BCC, support on CC, Updated Subject w/SR ID]
Hi Andrew,
Thank you for your question. We have created SR 2404100040000280 to track this issue. One of our engineers will respond soon.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
________________________________
From: Andrew Bartlett <abartlet at samba.org>
Sent: Tuesday, April 9, 2024 4:52 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>
Subject: [EXTERNAL] Looking for missing documentation (MS-KILE?) for CVE-2024-21427, CVE-2024-20674 and PAC signature changes
Kia Ora Dochelp,
Recently I saw "KB5037754: How to manage PAC Validation changes related
to CVE-2024-26248 and CVE-2024-29056" was published.
Can I have a pointer to the new NETLOGON behaviour and the new
structures for the SamLogon PAC validation, and the new required
behaviours so a Samba AD DC can handle this?
I don't see any errata that looks relevant yet.
Thanks,
Andrew Bartlett
--
Andrew Bartlett (he/him) https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abartlet%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148287662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=DoJv%2Fk%2FvbO065BiRFszlshQA22xOg48Dog5Slvkf%2BwU%3D&reserved=0<https://samba.org/~abartlet/>
Samba Team Member (since 2001) https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148294830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=iqXfl5Npw3y8oT3gCVqhg1tMa7RBaWrmDS1yNY%2FDhS8%3D&reserved=0<https://samba.org/>
Samba Team Lead https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148298984%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=7iA%2F%2FgX1QA6n04F9d7nsyTdPCEYJ1abbGket9g4b1E8%3D&reserved=0<https://catalyst.net.nz/services/samba>
Catalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company
Samba Development and Support: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148301821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=NvjLgvKGmHyq%2FQkJX2DrxX62nsmQEa4G4e%2BzkgRCMJc%3D&reserved=0<https://catalyst.net.nz/services/samba>
Catalyst IT - Expert Open Source Solutions
_______________________________________________
cifs-protocol mailing list
cifs-protocol at lists.samba.org<mailto:cifs-protocol at lists.samba.org>
https://lists.samba.org/mailman/listinfo/cifs-protocol
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org<https://samba.org/>
Samba Team Lead https://catalyst.net.nz/services/samba
Catalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group company
Samba Development and Support: https://catalyst.net.nz/services/samba
Catalyst IT - Expert Open Source Solutions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20240412/68f901e3/attachment.htm>
More information about the cifs-protocol
mailing list