Proposed patch to add min/max protocol.

David Collier-Brown David.Collier-Brown at
Tue Oct 3 17:27:54 GMT 2000

  This is a more experimental proposal: no-one yet has be caught
using a "downgrading" attack on an SMB server.

  Interestingly enough, Hobbit's paper on "CIFS: Common Insecurities
Fail Scrutiny", available at
has a whole section on dialect negotiation that suggests one should
use LANMAN2 when hacking SMB servers.

  One other, more topical risk exists: sending the code through
parts that haven't been tested since 1.8 or so (;-))

  The patch is at   

  A caveat: raising the possibility, and providing the patch, 
may attract attention to this kind of attack.

David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | //
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at

More information about the samba-technical mailing list