[Samba] Possible security issue with DHCP script.

Zombie Ryushu zombie_ryushu at yahoo.com
Mon Jun 20 04:50:12 UTC 2022


I use a strongSwan VPN to connect via IPsec over VPN. Due to an error on 
my part, I set the user identity to olympia.pukey (192.168.0.4) - which 
is the hostname of one of my Domain Controllers. I use the script for 
Kerberized updates with BIND DLZ, and it accepted the zone update, 
changing the A record to 192.168.0.234, the DHCP lease given by dhcpd. 
This broke domain authentication. There is no check in the script to see 
if a DC occupied that hostname. I was able to manually fix it back. This 
could be used by a malicious actor to intercept domain logins.
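
One way to add the missing check, as an added example that is not part of the original post or of the Samba DHCP script: a guard that refuses a dynamic update when the client-supplied name collides with a protected host. `PROTECTED_HOSTS`, the function names and the `$name` variable in the call-site comment are hypothetical, and the list values are constructed samples.

```shell
#!/bin/sh
# Added example: guard for a DHCP-driven dynamic DNS update hook.
# PROTECTED_HOSTS is a hypothetical, admin-maintained list of names that
# DHCP clients must never be allowed to claim (domain controllers etc.).
PROTECTED_HOSTS="olympia dc2"   # constructed sample values

# Reduce a client-supplied name to a comparable short host label:
# lowercase it and keep only the first DNS label, so "OLYMPIA.pukey."
# and "olympia" compare equal.
normalize_name() {
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | sed 's/\..*$//'
}

# Return 0 if the (already normalized) name is a valid single host label.
# Rejects empty names, leading/trailing hyphens and any other character,
# which also keeps shell or DNS metacharacters out of the update request.
valid_label() {
    case "$1" in
        ''|-*|*-|*[!a-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Return 0 (allow) or 1 (refuse) for a requested DHCP hostname.
update_allowed() {
    req=$(normalize_name "$1")
    valid_label "$req" || return 1
    for p in $PROTECTED_HOSTS; do
        if [ "$req" = "$(normalize_name "$p")" ]; then
            return 1
        fi
    done
    return 0
}

# Assumed call site, before the hook sends its DNS update ($name is the
# hostname handed over by dhcpd; the variable name is an assumption):
#   update_allowed "$name" || { logger "DHCP-DNS: refusing update for $name"; exit 1; }
```

A static list has to be kept in step with the domain; the comparison is on the short host label because the lease name in the report carried a domain suffix.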


