git.samba.org / kseeger / samba-autobuild-v4-13-test / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b824444) | patch
CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results
authorAndrew Bartlett <abartlet@samba.org>
Wed, 11 Mar 2020 03:43:31 +0000 (16:43 +1300)
committerKarolin Seeger <kseeger@samba.org>
Wed, 22 Apr 2020 10:50:42 +0000 (12:50 +0200)
commitfb3e51020ab589cf76306b36548eda8a2de8f6ce
tree8e64a37ff308b941c216f886fb7d803a9e5356eftree
parentb824444544f8b970ed93c914cb96de3b54c6e282commit | diff
CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results

ASQ is a very strange control and a BASE search can return multiple results
that are NOT the requested DN, but the DNs pointed to by it!

Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
selftest/knownfail.d/asq [deleted file] blob | history
source4/dsdb/samdb/ldb_modules/paged_results.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.