CVE-2014-6324 issued against Microsoft's handling of KDC PAC's.
dewayne.geraghty at heuristicsystems.com.au
Thu Nov 20 00:29:15 MST 2014
Does Samba4 handle PAC validation in the same way that Windows 2008/2003
servers, and if so, is samba4/Lorikeet also vulnerable to elevation of
privileges due to the handling of PAC validation of service tickets?
Using this as my starting point,
I started to look at the code, but if I saw an elephant in the room, I
wouldn't recognise it.
More information about the samba-technical