summaryrefslogtreecommitdiff
path: root/source3
Commit message (Expand)AuthorAgeFilesLines
* CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_idStefan Metzmacher2016-04-122-6/+8
* CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_idStefan Metzmacher2016-04-121-3/+6
* CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_dataStefan Metzmacher2016-04-121-0/+1
* CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_...Stefan Metzmacher2016-04-121-14/+8
* CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed i...Stefan Metzmacher2016-04-121-0/+24
* CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() f...Stefan Metzmacher2016-04-121-8/+18
* CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()Stefan Metzmacher2016-04-122-45/+0
* CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protoco...Stefan Metzmacher2016-04-121-2/+2
* CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as brokenStefan Metzmacher2016-04-121-0/+1
* CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pduStefan Metzmacher2016-04-121-0/+12
* CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header()...Stefan Metzmacher2016-04-121-1/+81
* CVE-2015-5370: s3:rpc_server: verify presentation context arraysStefan Metzmacher2016-04-121-1/+16
* CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in ...Stefan Metzmacher2016-04-121-16/+16
* CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violat...Jeremy Allison2016-04-123-6/+48
* CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_con...Stefan Metzmacher2016-04-121-0/+14
* CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as ...Stefan Metzmacher2016-04-121-1/+1
* CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was alr...Stefan Metzmacher2016-04-121-1/+8
* CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_pack...Stefan Metzmacher2016-04-121-0/+2
* CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_...Stefan Metzmacher2016-04-121-39/+6
* CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the...Stefan Metzmacher2016-04-121-0/+1
* CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_p...Stefan Metzmacher2016-04-121-49/+13
* CVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_...Stefan Metzmacher2016-04-121-0/+15
* CVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too larg...Stefan Metzmacher2016-04-121-0/+5
* CVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header()...Stefan Metzmacher2016-04-121-15/+96
* CVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()Stefan Metzmacher2016-04-121-8/+6
* CVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} again...Stefan Metzmacher2016-04-121-0/+8
* CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within...Stefan Metzmacher2016-04-124-53/+33
* CVE-2015-5370: s3:rpc_client: remove useless frag_length check in rpc_api_pip...Stefan Metzmacher2016-04-121-8/+0
* CVE-2015-5370: s3:rpc_client: move AS/U hack to the top of cli_pipe_validate_...Stefan Metzmacher2016-04-121-11/+13
* CVE-2015-5370: s3:librpc/rpc: don't call dcerpc_pull_auth_trailer() if auth_l...Stefan Metzmacher2016-04-121-10/+2
* CVE-2016-2118: s3:rpc_server/samr: allow _samr_ValidatePassword only with PRI...Stefan Metzmacher2016-04-121-0/+5
* CVE-2016-2118: docs-xml: default "allow dcerpc auth level connect" to "no"Stefan Metzmacher2016-04-121-1/+1
* CVE-2016-2118: s3:rpc_server/{epmapper,echo}: allow DCERPC_AUTH_LEVEL_CONNECT...Stefan Metzmacher2016-04-121-0/+14
* CVE-2016-2118: s3:rpc_server/{samr,lsa,netlogon}: reject DCERPC_AUTH_LEVEL_CO...Stefan Metzmacher2016-04-121-0/+19
* CVE-2016-2118: s3:rpc_server: make use of "allow dcerpc auth level connect"Stefan Metzmacher2016-04-123-5/+57
* CVE-2016-2118: docs-xml: add "allow dcerpc auth level connect" defaulting to ...Stefan Metzmacher2016-04-121-0/+2
* CVE-2016-2118: s3: rpcclient: change the default auth level from DCERPC_AUTH_...Stefan Metzmacher2016-04-121-3/+2
* CVE-2016-2115: docs-xml: always default "client ipc signing" to "mandatory"Stefan Metzmacher2016-04-121-5/+1
* CVE-2016-2115: s3:libsmb: use SMB_SIGNING_IPC_DEFAULT and lp_client_ipc_{min,...Ralph Boehme2016-04-121-3/+4
* CVE-2016-2115: s3:libnet: use SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-121-3/+3
* CVE-2016-2115: s3:auth_domain: use SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-121-1/+1
* CVE-2016-2115: s3:lib/netapi: use SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-121-1/+1
* CVE-2016-2115: net: use SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-123-3/+3
* CVE-2016-2115: s3:libsmb: let SMB_SIGNING_IPC_DEFAULT use "client ipc min/max...Stefan Metzmacher2016-04-121-2/+12
* CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULTRalph Boehme2016-04-121-0/+9
* CVE-2016-2115: s3:winbindd: use lp_client_ipc_signing()Stefan Metzmacher2016-04-121-1/+1
* CVE-2016-2115: s3:winbindd: use lp_client_ipc_{min,max}_protocol()Stefan Metzmacher2016-04-123-12/+2
* CVE-2016-2115: docs-xml: add "client ipc signing" optionStefan Metzmacher2016-04-122-0/+15
* CVE-2016-2115: docs-xml: add "client ipc min protocol" and "client ipc max pr...Stefan Metzmacher2016-04-122-0/+28
* CVE-2016-2114: s3:smbd: enforce "server signing = mandatory"Ralph Boehme2016-04-121-1/+3
View Lorry Controller Status