NT4 sp4, anyone working on it?

Tim Winders twinders at SPC.cc.tx.us
Fri Sep 4 17:50:37 GMT 1998


Thanks Luke.  I was contacted by a reporter from ZD News today questioning
me on this information!  She asked me to keep her up to date on the
"developments".

=== Tim

On Sat, 5 Sep 1998, Luke Kenneth Casson Leighton wrote:

> william, tim.
> 
> microsoft have made their code "more robust".  i can only presume that
> they were ignoring a vital length field (the fragment length in the bind
> ack response) in _pre_ NT4 SP4.  i suspect that there is therefore a
> buffer overflow security hole there, somewhere...
> 
> On Fri, 4 Sep 1998, William Stuart wrote:
> 
> > Tim--
> > 
> > In regards to your comment about Microsoft and SP4 breaking SAMBA, do you
> > think it true or were you just spouting?
> > 
> > If it is true, the DOJ might be interested in hearing it.  They are adding
> > the breaking of other, competing software systems to their allegations,
> > but their latest incident of this was DR DOS,  5 or 6 years ago.
> > 
> > Just a thought.
> > 
> > ---
> > William Stuart  (william at hae.com)
> > "Don't rush me sonny.  You rush a miracle man you get rotten miracles."
> >                      --Miracle Max, "The Princess Bride"
> > 
> > On Thu, 3 Sep 1998, Tim Winders wrote:
> > 
> > > Date: Thu, 3 Sep 1998 23:01:48 +1000
> > > From: Tim Winders <twinders at SPC.cc.tx.us>
> > > To: Multiple recipients of list <samba-technical at samba.anu.edu.au>
> > > Subject: Re: NT4 sp4, anyone working on it?
> > > 
> > > On Thu, 3 Sep 1998, Luke Kenneth Casson Leighton wrote:
> > > 
> > > > On Wed, 2 Sep 1998, Tim Winders wrote:
> > > > 
> > > > > Luke -
> > > > > 
> > > > > Here are two gzipped capture files printed out with the all levels as
> > > > 
> > > > tim,
> > > > 
> > > > the captures show that we are replying to the "Bind Ack" with the
> > > > "fragmentation length" 16 bytes short.  obviously, pre-ntsp4 didn't care
> > > > two hoots about this (and, to be honest, i don't think we do either, in
> > > > the bind ack response).
> > > > 
> > > > however, it looks like someone's been giving the nt dce/rpc code the "nit
> > > > comb" treatment...
> > > 
> > > Hurrah!  Obviously a step by MS to try to stop people from using Samba!
> > > Now, is this something "easy" to fix?
> > > 
> > > === Tim
> > > 
> > > ---------------------------------------------------------------------
> > > |  Tim Winders, CNE, MCSE        |  Email:  TWinders at SPC.cc.tx.us   |
> > > |  Network Administrator         |  Phone:  806-894-9611 x 2369     |
> > > |  South Plains College          |  Fax:    806-897-4711            |
> > > ---------------------------------------------------------------------
> > > 
> > > 
> > > 
> > 
> > 
> 
> <a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
> <a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
> <a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>
> 
> 

=== Tim

---------------------------------------------------------------------
|  Tim Winders, CNE, MCSE        |  Email:  TWinders at SPC.cc.tx.us   |
|  Network Administrator         |  Phone:  806-894-9611 x 2369     |
|  South Plains College          |  Fax:    806-897-4711            |
---------------------------------------------------------------------
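
Added example, not part of the original thread and not Samba or Microsoft code: a strict check of the fragment length field discussed above, comparing the value declared in the 16-byte DCE/RPC connection-oriented common header with the number of bytes actually received. The function names, the result enum and the 60-byte sample PDU are constructed for illustration, and `received` is assumed to be the complete PDU as handed up by the transport.

```c
#include <stddef.h>
#include <stdint.h>

#define RPC_HDR_LEN    16   /* connection-oriented common header size */
#define PTYPE_BIND_ACK 12   /* PTYPE value of a bind_ack PDU */

enum frag_check { FRAG_OK = 0, FRAG_TRUNCATED_HDR, FRAG_TOO_SMALL,
                  FRAG_SHORT, FRAG_LONG };

/* Read the 16-bit frag_length at offset 8, honouring the data
 * representation byte at offset 4 (0x10 set = little-endian integers). */
static uint16_t rpc_frag_length(const uint8_t *pdu)
{
    if (pdu[4] & 0x10)
        return (uint16_t)(pdu[8] | (pdu[9] << 8));
    return (uint16_t)((pdu[8] << 8) | pdu[9]);
}

/* Compare the declared fragment length with the bytes received.
 * A parser that skips this and trusts either number alone can read or
 * copy past the end of its buffer. */
enum frag_check check_frag_length(const uint8_t *pdu, size_t received)
{
    uint16_t declared;

    if (received < RPC_HDR_LEN)
        return FRAG_TRUNCATED_HDR;  /* not enough bytes to hold the field */
    declared = rpc_frag_length(pdu);
    if (declared < RPC_HDR_LEN)
        return FRAG_TOO_SMALL;      /* cannot even cover the header */
    if (declared < received)
        return FRAG_SHORT;          /* field understates the PDU */
    if (declared > received)
        return FRAG_LONG;           /* field claims bytes that are not there */
    return FRAG_OK;
}

/* Constructed sample: bind_ack header fields followed by a zeroed body. */
void make_sample_bind_ack(uint8_t *buf, size_t total, uint16_t declared)
{
    size_t i;
    for (i = 0; i < total; i++)
        buf[i] = 0;
    buf[0] = 5;                      /* rpc_vers 5, rpc_vers_minor 0 */
    buf[2] = PTYPE_BIND_ACK;
    buf[3] = 0x03;                   /* first and last fragment */
    buf[4] = 0x10;                   /* little-endian integers */
    buf[8] = (uint8_t)(declared & 0xff);
    buf[9] = (uint8_t)(declared >> 8);
}
```

With the sample PDU, a declared length of 44 against 60 received bytes (16 short, as in the captures described above) returns `FRAG_SHORT`.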



