| commit | f580c8c3a6eb5a296a91633dc6ce3e0e84f7a877 | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Wed, 27 Nov 2013 17:50:01 +0000 (28 06:50 +1300) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Tue, 11 Mar 2014 10:59:20 +0000 (11 11:59 +0100) | ||
| tree | 6501999dc158fef0704bf29d1e035690e22bcb0d | treesnapshot (tar.gz zip) |
| parent | 8fee6bd909714a487841001bcc82bf8f8665ca06 | commitdiff |
CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340
Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit. Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit. Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| source4/rpc_server/samr/samr_password.c | diffblobblamehistory |