| commit | 0d202609c0db3551ae24a50414596405524f0909 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 26 Jun 2015 06:10:46 +0000 (26 08:10 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Wed, 30 Mar 2016 02:10:09 +0000 (30 04:10 +0200) | ||
| tree | 5e726652c865131ecc2ae235031ce7ecb78b2b85 | treesnapshot (tar.gz zip) |
| parent | b40ab6b081e0e4c43d568ac65247e63383f1c980 | commitdiff |
CVE-2015-5370: s4:rpc_server: ensure that the message ordering doesn't violate the spec
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| source4/rpc_server/dcerpc_server.c | diffblobblamehistory | |
| source4/rpc_server/dcerpc_server.h | diffblobblamehistory | |
| source4/rpc_server/dcesrv_auth.c | diffblobblamehistory |