NT4 sp4, anyone working on it?
Tim Winders
twinders at SPC.cc.tx.us
Fri Sep 4 17:50:37 GMT 1998
Thanks Luke. I was contacted by a reporter from ZD News today questioning
me on this information! She asked me to keep her up to date on the
"developments".
=== Tim
On Sat, 5 Sep 1998, Luke Kenneth Casson Leighton wrote:
> william, tim.
>
> microsoft have made their code "more robust". i can only presume that
> they were ignoring a vital length field (the fragment length in the bind
> ack response) in _pre_ NT4 SP4. i suspect that there is therefore a
> buffer overflow security hole there, somewhere...
>
> On Fri, 4 Sep 1998, William Stuart wrote:
>
> > Tim--
> >
> > In regards to your comment about Microsoft and SP4 breaking SAMBA, do you
> > think it true or were you just spouting?
> >
> > If it is true, the DOJ might be interested in hearing it. They are adding
> > the breaking of other, competing software systems to their allegations,
> > but their latest incident of this was DR DOS, 5 or 6 years ago.
> >
> > Just a thought.
> >
> > ---
> > William Stuart (william at hae.com)
> > "Don't rush me sonny. You rush a miracle man you get rotten miracles."
> > --Miracle Max, "The Princess Bride"
> >
> > On Thu, 3 Sep 1998, Tim Winders wrote:
> >
> > > Date: Thu, 3 Sep 1998 23:01:48 +1000
> > > From: Tim Winders <twinders at SPC.cc.tx.us>
> > > To: Multiple recipients of list <samba-technical at samba.anu.edu.au>
> > > Subject: Re: NT4 sp4, anyone working on it?
> > >
> > > On Thu, 3 Sep 1998, Luke Kenneth Casson Leighton wrote:
> > >
> > > > On Wed, 2 Sep 1998, Tim Winders wrote:
> > > >
> > > > > Luke -
> > > > >
> > > > > Here are two gzipped capture files printed out with the all levels as
> > > >
> > > > tim,
> > > >
> > > > the captures show that we are replying to the "Bind Ack" with the
> > > > "fragmentation length" 16 bytes short. obviously, pre-ntsp4 didn't care
> > > > two hoots about this (and, to be honest, i don't think we do either, in
> > > > the bind ack response).
> > > >
> > > > however, it looks like someone's being giving the nt dce/rpc code the "nit
> > > > comb" treatment...
> > >
> > > Hurrah! Obviously a step by MS to try to stop people from using Samba!
> > > Now, is this something "easy" to fix?
> > >
> > > === Tim
> > >
> > > ---------------------------------------------------------------------
> > > | Tim Winders, CNE, MCSE | Email: TWinders at SPC.cc.tx.us |
> > > | Network Administrator | Phone: 806-894-9611 x 2369 |
> > > | South Plains College | Fax: 806-897-4711 |
> > > ---------------------------------------------------------------------
> > >
> > >
> > >
> >
> >
>
> <a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton </a>
> <a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
> <a href="http://www.samba.co.uk" > Samba and Network Consultancy </a>
>
>
=== Tim
---------------------------------------------------------------------
| Tim Winders, CNE, MCSE | Email: TWinders at SPC.cc.tx.us |
| Network Administrator | Phone: 806-894-9611 x 2369 |
| South Plains College | Fax: 806-897-4711 |
---------------------------------------------------------------------
More information about the samba-technical
mailing list