A blog about my "Dollar Ticket" attack (Nov 2021 security issue)

Nadezhda Ivanova nivanova at samba.org
Mon May 16 12:08:52 UTC 2022

Great article, Andrew, thank you for sharing it!

You and the Catalyst team deserve a medal for your immense effort and 
your technical brilliance on this issue!

On 13/05/2022 09:22, Andrew Bartlett via samba-technical wrote:
> I wrote up
> https://www.catalyst.net.nz/blog/stay-curious-lessons-doller-ticket-security-issue
> to explain a bit of how we got to the big Nov 2021 security issue.
> I do want to say again a really big thanks to everyone who stepped up
> to help us in the rush up to November last year.
> Also, here is the puff-piece we wrote up regarding finding the issue
> https://www.catalyst.net.nz/blog/catalyst-samba-team-fixes-critical-microsoft-security-issue
> Oh, and one last thing:
> https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931
> is credited to me.  Fun times!  MS hasn't put as much detail out on
> that one, but I'll talk more once that is public.
> Andrew,

More information about the samba-technical mailing list