A blog about my "Dollar Ticket" attack (Nov 2021 security issue)
Andrew Bartlett
abartlet at samba.org
Mon May 16 22:55:32 UTC 2022
Thanks. It is only looking back at it now, with a bit of distance, can
I really appreciate it.
So Thank You, and thanks for your support along the way, it was great
to have you on this journey!
Andrew,
On Mon, 2022-05-16 at 15:08 +0300, Nadezhda Ivanova via samba-technical
wrote:
> Great article, Andrew, thank you for sharing it!
>
> You and the Catalyst team deserve a medal for your immense effort
> and
> your technical brilliance on this issue!
>
> On 13/05/2022 09:22, Andrew Bartlett via samba-technical wrote:
> > I wrote up
> > https://www.catalyst.net.nz/blog/stay-curious-lessons-doller-ticket-security-issue
> > to explain a bit of how we got to the big Nov 2021 security issue.
> >
> > I do want to say again a really big thanks to everyone who stepped
> > up
> > to help us in the rush up to November last year.
> >
> > Also, here is the puff-piece we wrote up regarding finding the
> > issue
> > https://www.catalyst.net.nz/blog/catalyst-samba-team-fixes-critical-microsoft-security-issue
> >
> > Oh, and one last thing:
> >
> > https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931
> >
> > is credited to me. Fun times! MS hasn't put as much detail out on
> > that one, but I'll talk more once that is public.
> >
> > Andrew,
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba-technical
mailing list