Authentication ....
Gerald Carter
gcarter at valinux.com
Wed Jan 24 16:44:50 GMT 2001
Luke Kenneth Casson Leighton wrote:
>
> e.g. they fixed the SamrSetUserInfo(info level = 0x17
> and 0x18) security bug - they contain user passwords -
> but haven't told anyone how they've done it. i have
> better hopes that they've got it right, this time, but
> from past experience i remain skeptical. this time, i
> have some rumour/evidence that they consulted some
> proper security experts in-house about this one.
>
> lukes
Given that I've played with the call a good bit lately :)
I'm curious what the exact security hole is. Other than
the fact that I don't see any two-way verification that
the new password is valid. i.e. you decrypt the 516-byte
password buffer, but how do you know that the password
at the end (minus the length) is actually what the client
sent?
Am I being dense here?
Cheers, jerry
----------------------------------------------------------------------
/\  Gerald (Jerry) Carter      Professional Services
\/  http://www.valinux.com/    VA Linux Systems     gcarter at valinux.com
    http://www.samba.org/      SAMBA Team           jerry at samba.org
    http://www.plainjoe.org/                        jerry at plainjoe.org
"...a hundred billion castaways looking for a home."
                              - Sting "Message in a Bottle" ( 1979 )
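The buffer layout Jerry describes (512 bytes with the UTF-16LE password right-aligned at the end, followed by a 4-byte length) and the missing verification he asks about, as an added example that is not part of the original mail and not Samba's code. The keystream, the session key, the zero filler and every function name here are constructed stand-ins; any stream cipher behaves the same way, which is the point: decrypting the buffer tells the server nothing about whether the bytes were altered in transit, whereas an integrity tag over the ciphertext does.

```python
"""516-byte password buffer: parse it, show that a stream-cipher-only
encryption cannot detect a modified buffer, and show a MAC that can."""
import hashlib
import hmac
import os
import struct
from typing import Optional

BUF_LEN = 512            # password area; password sits at the end, rest is filler
TOTAL_LEN = BUF_LEN + 4  # plus the trailing 4-byte little-endian length


def keystream(key: bytes, n: int) -> bytes:
    """Toy counter-mode keystream built from SHA-256.
    ASSUMPTION: a stand-in for the real protocol cipher, chosen only because
    it is a keystream XOR like any stream cipher."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "little")).digest()
        ctr += 1
    return bytes(out[:n])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, keystream(key, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream undoes the encryption


def build_password_buffer(password: str, filler: Optional[bytes] = None) -> bytes:
    """Client side: right-align the UTF-16LE password, prepend filler, append length."""
    pw = password.encode("utf-16-le")
    if len(pw) > BUF_LEN:
        raise ValueError("password too long for buffer")
    if filler is None:
        filler = os.urandom(BUF_LEN - len(pw))  # constructed: random filler bytes
    if len(filler) != BUF_LEN - len(pw):
        raise ValueError("filler has wrong length")
    return filler + pw + struct.pack("<I", len(pw))


def parse_password_buffer(buf: bytes) -> str:
    """Server side: read the trailing length, take that many bytes from the end
    of the 512-byte area. Nothing here distinguishes a genuine buffer from a
    modified one; only the length field gets a plausibility check."""
    if len(buf) != TOTAL_LEN:
        raise ValueError("buffer must be 516 bytes")
    (length,) = struct.unpack("<I", buf[BUF_LEN:])
    if length > BUF_LEN or length % 2:
        raise ValueError("implausible length field")
    return buf[BUF_LEN - length:BUF_LEN].decode("utf-16-le")


def flip_in_transit(ciphertext: bytes, offset: int, mask: bytes) -> bytes:
    """Model a change to the ciphertext on the wire. With a keystream XOR the
    same change lands on the plaintext after decryption, without any error."""
    out = bytearray(ciphertext)
    for i, m in enumerate(mask):
        out[offset + i] ^= m
    return bytes(out)


def authenticated_encrypt(key: bytes, plaintext: bytes):
    """Mitigation: tag the ciphertext so the receiver can verify it is unchanged."""
    ct = encrypt(key, plaintext)
    return ct, hmac.new(key, ct, "sha256").digest()


def authenticated_decrypt(key: bytes, ct: bytes, tag: bytes) -> bytes:
    if not hmac.compare_digest(hmac.new(key, ct, "sha256").digest(), tag):
        raise ValueError("integrity check failed")
    return decrypt(key, ct)


def demo(password: str = "Secret1", key: bytes = b"constructed-session-key") -> dict:
    pw_bytes = password.encode("utf-16-le")
    # constructed: zero filler so the result is reproducible
    buf = build_password_buffer(password, filler=b"\x00" * (BUF_LEN - len(pw_bytes)))
    # one-bit change in the first byte of the password area
    pw_offset, mask = BUF_LEN - len(pw_bytes), b"\x01"
    accepted = parse_password_buffer(decrypt(key, flip_in_transit(encrypt(key, buf), pw_offset, mask)))
    ct, tag = authenticated_encrypt(key, buf)
    try:
        authenticated_decrypt(key, flip_in_transit(ct, pw_offset, mask), tag)
        caught = False
    except ValueError:
        caught = True
    return {"sent": password, "accepted_without_check": accepted, "caught_with_mac": caught}


if __name__ == "__main__":
    print(demo())
```

Without the tag the server decodes a valid-looking but different password and has no way to notice; with the tag the modified buffer is rejected before the password is ever read. The same holds for the filler bytes: a change there goes unnoticed too, which is why checking only the length field is not a verification of the password.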
More information about the samba-ntdom mailing list