[Samba] Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
Joachim Lindenberg
samba at lindenberg.one
Fri Jul 14 09:29:30 UTC 2023
Hello all,
https://bugzilla.samba.org/show_bug.cgi?id=15418#c20 "This could be a shortterm fix in order to behave like an unpatched windows server"
What is the attack scenario of an unpatched windows server? After all Microsoft likely patched to fix an issue, the short term solution probably restores not only NLA but also the vulnerability..
I am not arguing against the fix, as the switch is obviously buggy, but I am hoping for a real fix soon.
Regards, Joachim
-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Ralph Boehme via samba
Gesendet: Freitag, 14. Juli 2023 10:56
An: samba samba <samba at lists.samba.org>
Betreff: Re: [Samba] Test-ComputerSecureChannel -Verbose False since windows 10/11 update 07/2023
On 7/14/23 09:41, Ralph Boehme via samba wrote:
> On 7/14/23 07:42, Daniel Müller wrote:
>> Where to get the patch?
>> We are running samba 4.17.4 on debian11 . We compiled from source.
>
> it's linked in the bugreport
>
> https://bugzilla.samba.org/show_bug.cgi?id=15418
>
> <https://cpaste.org/?df0494cac0063e2e#Cx69G684EBPQ71S6sAUVXSYburgV6gPyKHfPSbfmHZPJ>
fwiw, I've also added a proper patchfile to the bugreport.
Cheers!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
SerNet Samba Team Lead https://sernet.de/en/
SAMBA+ Samba packages https://samba.plus/
SAMBA+ AIX Webinar https://samba.plus/samba-webinars
More information about the samba
mailing list