A blog about my "Dollar Ticket" attack (Nov 2021 security issue)
Nadezhda Ivanova
nivanova at samba.org
Mon May 16 12:08:52 UTC 2022
Great article, Andrew, thank you for sharing it!
You and the Catalyst team deserve a medal for your immense effort and
your technical brilliance on this issue!
On 13/05/2022 09:22, Andrew Bartlett via samba-technical wrote:
> I wrote up
> https://www.catalyst.net.nz/blog/stay-curious-lessons-doller-ticket-security-issue
> to explain a bit of how we got to the big Nov 2021 security issue.
>
> I do want to say again a really big thanks to everyone who stepped up
> to help us in the rush up to November last year.
>
> Also, here is the puff-piece we wrote up regarding finding the issue
> https://www.catalyst.net.nz/blog/catalyst-samba-team-fixes-critical-microsoft-security-issue
>
> Oh, and one last thing:
>
> https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931
>
> is credited to me. Fun times! MS hasn't put as much detail out on
> that one, but I'll talk more once that is public.
>
> Andrew,
More information about the samba-technical
mailing list