search for: appendix_a_116

Good morning/day/night to all! After moving all my infrastructure to Debian9, changed my ADDC from Win2K12 to Samba4 scanning my network I found the following: -------------------------------------------------------------------------------------------------------------------------------- koratsuki at happyharry:~$ nmap --script smb-vuln-ms08-067.nse -p445 smb-addc.tld Starting Nmap 7.50 (

...OR (yet another way to say not implemented) included. Hopefully this is enough to assist you, if you need to assuage an auditor then I suggest submitting a patch implementing it. This won't be hard, the clue is in the implementation note: https://msdn.microsoft.com/en-us/library/cc247297.aspx#Appendix_A_116 <116> Section 3.1.4.31: The server does a standard C string comparison on the canonicalized path names and returns the result. <117> Section 3.1.4.31: No security restrictions are imposed by Windows-based server implementations on the caller. I hope this helps, Andrew Bartlett -- A...