git.samba.org - ab/samba-autobuild/.git/commit

author	Günther Deschner <gd@samba.org>
	Tue, 13 Mar 2018 15:56:20 +0000 (16:56 +0100)
committer	Karolin Seeger <kseeger@samba.org>
	Sat, 11 Aug 2018 19:56:43 +0000 (21:56 +0200)
commit	9ff1d906d0945c644b964f2e577547927387ac6e
tree	926a1caf0243b8c2ad2dd45af78b286ab0d59ffd	tree
parent	cd2e11d9036782d9bf2ac553285694211cce856c	commit \| diff

CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".

This fixes a regression that came in via 00db3aba6cf9ebaafdf39ee2f9c7ba5ec2281ea0.

Found by Vivek Das <vdas@redhat.com> (Red Hat QE).

In order to demonstrate simply run:

smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no

against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360

CVE-2018-1139: Weak authentication protocol allowed.

Guenther

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth/ntlm_check.c		diff \| blob \| history
selftest/knownfail		diff \| blob \| history
selftest/knownfail.d/ntlm	[deleted file]	blob \| history