A blog about my "Dollar Ticket" attack (Nov 2021 security issue)
Andrew Bartlett
abartlet at samba.org
Fri May 13 06:22:17 UTC 2022
I wrote up
https://www.catalyst.net.nz/blog/stay-curious-lessons-doller-ticket-security-issue
to explain a bit of how we got to the big Nov 2021 security issue.
I do want to say again a really big thanks to everyone who stepped up
to help us in the rush up to November last year.
Also, here is the puff-piece we wrote up regarding finding the issue
https://www.catalyst.net.nz/blog/catalyst-samba-team-fixes-critical-microsoft-security-issue
Oh, and one last thing:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931
is credited to me. Fun times! MS hasn't put as much detail out on
that one, but I'll talk more once that is public.
Andrew,
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba-technical
mailing list