[Samba] Status on fixes for MS04-11/MS04-12/KB828741 issues

Dan Hill dwh6 at cwru.edu
Mon May 3 02:21:10 GMT 2004


Andrew Bartlett wrote:
> I realise that a large number of sites have been bitten by the bad
> interaction between this hotfix, and Samba.
> 
> I have finally managed to spend some time looking into this, and have
> reproduced it in my test environment.  There appears to be an issue with
> the NTLMSSP layer used by Windows clients to wrap password change
> requests. 
> 
> Fortunately, I have also shown that it is possible to construct a shim
> involving Samba4's RPC proxy server, to correctly change passwords from
> these Windows clients.  
> 
> While certainly not a solution for a production environment, it shows us
> a means forward for fixing this issue, using existing code, and known
> algorithms.
> 
> As you are all aware, with the Sasser worm out and about, applying this
> fix is no longer optional, and we are working hard on finding a
> solution.  
> 
> Andrew Bartlett
> 

Thanks to you and the entire Samba team for all the hard work put into 
the Samba project!

~Dan

-- 
--------------------------
Dan Hill
dwh6 at cwru.edu
--------------------------

