samba.git/libcli/security, branch v3-5-test Unnamed repository; edit this file 'description' to name the repository. Fix bug #7669. 2010-09-15T18:53:08+00:00 Jeremy Allison jra@samba.org 2010-09-09T13:54:23+00:00 462e5f7b139e294016ecefefed20dda107816622 Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection). (cherry picked from commit a34c3e999bb1ea61da31c5b3e845b19663039358) 
Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in
Samba4).

CVE-2010-3069:

===========
Description
===========

All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.

A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).
(cherry picked from commit a34c3e999bb1ea61da31c5b3e845b19663039358)
Initial implementation of security descriptor creation in DS 2009-09-20T22:16:17+00:00 Nadezhda Ivanova nadezhda.ivanova@postpath.com 2009-09-20T20:50:34+00:00 6283f2caaa42c7238bdc9c2e8bc1246207645019 TODO's: ACE sorting and clarifying the inheritance of object specific ace's. 
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
Owner and group defaulting. 2009-09-16T14:52:05+00:00 Nadezhda Ivanova nadezhda.ivanova@postpath.com 2009-09-14T16:44:41+00:00 d70e17171912c190b258848edb1ae627fe59cde4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Create a correct talloc hierarchy in make_sec_acl() 2009-07-14T18:49:06+00:00 Volker Lendecke vl@samba.org 2009-07-14T16:34:07+00:00 72da71acf925ffe4cc87ca2bcba3770af3fe3d8b 






A fix in the ACL code used by both SAMBA 3 and 4
2009-06-19T01:32:01+00:00

Matthias Dieter Wallnöfer
mwallnoefer@yahoo.de

2009-06-18T09:18:05+00:00

a8e757ba4ca2a003c114295473fe08a8f80fb2c2

This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).





This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).







Fix includes for security_descriptor file for the non-merged build.
2009-04-21T15:19:22+00:00

Jelmer Vernooij
jelmer@samba.org

2009-04-21T15:19:22+00:00

7a0a134e0cc0720402b2e07ee8bc9887ce8e8c5d












Move the security_descriptor utility code to the top-level.
2009-04-21T13:14:35+00:00

Jelmer Vernooij
jelmer@samba.org

2009-04-21T12:27:25+00:00

2eff2de2f81374483df99757046f1d5ee4050155












display_sec: Move to common libcli/security directory.
2009-03-25T20:29:13+00:00

Jelmer Vernooij
jelmer@samba.org

2009-03-25T20:29:13+00:00

c42fc5e103d9d210c2f370e237a952e6df361792












libcli/security: fix the source4 build
2009-03-02T11:05:43+00:00

Stefan Metzmacher
metze@samba.org

2009-03-02T11:05:43+00:00

84b57a5dbad538e819591daa2c42a9b35206c409

metze





metze







libcli/security: fix the source3 build
2009-03-02T07:56:22+00:00

Stefan Metzmacher
metze@samba.org

2009-03-02T07:55:00+00:00

ae1a69f3ea42d778d5cb16523fd7bf4f7f36a3c9

metze





metze