CVE-2014-6324 issued against Microsoft's handling of KDC PAC's.
jra at samba.org
Wed Nov 26 15:22:30 MST 2014
On Wed, Nov 26, 2014 at 09:28:41PM +1300, Andrew Bartlett wrote:
> We should probably put something up saying we are not vulnerable, and
> anyone running a Windows AD server really, really should upgrade. This
> is one of the nastiest issues in a long time, and is being exploited in
> the wild.
Andrew, can you write up some text for this and
maybe we can get it up on the main samba.org
website as the reverse of a security-note.
I'm off for US Thanksgiving until Monday,
so don't expect anything more from over
here until then, sorry :-).
More information about the samba-technical