Authentication ....

Gerald Carter gcarter at
Wed Jan 24 16:44:50 GMT 2001

Luke Kenneth Casson Leighton wrote:
> e.g. they fixed the SamrSetUserInfo(info level = 0x17 
> and 0x18) security bug - they contain user passwords - 
> but haven't told anyone how they've done it.  i have 
> better hopes that they've got it right, this time, but 
> from past experience i remain skeptical.  this time, i 
> have some rumour/evidence that they consulted some 
> proper security experts in-house about this one.
> lukes

Given that I've played with the call a good bit lately :)
I'm curious what the exact security hole is.  Other than 
the fact that I don't see any 2 way verification that 
the new password is valid.  i.e. you decrypt the 516 byte
password buffer, but how do you know that the password
at the end (minus the length) is actually what the client

Am I being dense here?

Cheers, jerry
   /\  Gerald (Jerry) Carter                     Professional Services
 \/  VA Linux Systems   gcarter at       SAMBA Team          jerry at                     jerry at

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list