NTLMv1 authentication works even though it is disabled
shivappa Sangapur
ssangapur3 at gmail.com
Tue Aug 28 12:03:38 UTC 2018
CVE-2018-1139 seems to be using NTLMv1 auth only if NTLM_AUTH_ON is enabled,
that means ntlm auth=yes is set in smb.conf. (by default ntlmv1 is disabled
from samba4.5)
I'm running samba-4.7.4.
I have observed a strange thing. Is it an expected behavior ? I don't think
so.
Set *client NTLMv2 auth=No*, *ntlm auth=Yes* in smb.conf file.
In Windows 7 set LAN Auth Level as *'Send NTLMv2, Refuse LM and NTLM' *.
Connect to Windows 7 share using smbclient command with *-mNT1* option from
samba-4.7.4,
Actually it should not connect, Since NTLM is disabled in Windows 7,
But the smbclient is connecting to Windows 7 shares.
Vice-versa also works (that is connect samba-4.7.4 shares from Windows 7)
Above behavior is same before CVE-2018-1139 fix also.
Any idea why so ?
--
Sent from: http://samba.2283325.n4.nabble.com/Samba-samba-technical-f2457555.html
More information about the samba-technical
mailing list