| commit | d29c9450093e470d99cb82e70cd421db4240cf63 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Tue, 1 Dec 2015 14:01:09 +0000 (1 15:01 +0100) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Tue, 29 Mar 2016 14:25:37 +0000 (29 16:25 +0200) | ||
| tree | bf94f7774c4913891ff54aabb1c1c2cd40ebf4ae | treesnapshot (tar.gz zip) |
| parent | 4e5c214a6f3d4b745696d7c2a2e349cc23e7466e | commitdiff |
CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH
man smb.conf says "client ntlmv2 auth = yes" the default disables,
"client lanman auth = yes":
...
Likewise, if the client ntlmv2 auth parameter is enabled, then only NTLMv2
logins will be attempted.
...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
man smb.conf says "client ntlmv2 auth = yes" the default disables,
"client lanman auth = yes":
...
Likewise, if the client ntlmv2 auth parameter is enabled, then only NTLMv2
logins will be attempted.
...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| auth/ntlmssp/ntlmssp_client.c | diffblobblamehistory |