A blog about my "Dollar Ticket" attack (Nov 2021 security issue)
Jeremy Allison
jra at samba.org
Fri May 13 17:26:31 UTC 2022
On Fri, May 13, 2022 at 06:22:17PM +1200, Andrew Bartlett via samba-technical wrote:
>I wrote up
>https://www.catalyst.net.nz/blog/stay-curious-lessons-doller-ticket-security-issue
>to explain a bit of how we got to the big Nov 2021 security issue.
>
>I do want to say again a really big thanks to everyone who stepped up
>to help us in the rush up to November last year.
>
>Also, here is the puff-piece we wrote up regarding finding the issue
>https://www.catalyst.net.nz/blog/catalyst-samba-team-fixes-critical-microsoft-security-issue
>
>Oh, and one last thing:
>
>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931
>
>is credited to me. Fun times! MS hasn't put as much detail out on
>that one, but I'll talk more once that is public.
Congratulations Andrew and the Catalyst Samba Team members.
Great write up !
More information about the samba-technical
mailing list