| commit | 26ad208abde55504f08f9d777ebbad589608251d | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 26 Jun 2015 06:10:46 +0000 (26 08:10 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Wed, 30 Mar 2016 02:21:35 +0000 (30 04:21 +0200) | ||
| tree | ec5d5f9b87f3379a5a24fe84eab8716bf4f5c4ee | treesnapshot (tar.gz zip) |
| parent | 2ed603a3780dfd246f8c3cd2718f0561f77ca4be | commitdiff |
CVE-2015-5370: s4:rpc_server: ensure that the message ordering doesn't violate the spec
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| source4/rpc_server/dcerpc_server.c | diffblobblamehistory | |
| source4/rpc_server/dcerpc_server.h | diffblobblamehistory | |
| source4/rpc_server/dcesrv_auth.c | diffblobblamehistory |