Displaying 2 results from an estimated 2 matches for "cc247297".
2018 Jun 18
2
CVE-2008-4250?
Good morning/day/night to all!
After moving all my infrastructure to Debian9, changed my ADDC from
Win2K12 to Samba4 scanning my network I found the following:
--------------------------------------------------------------------------------------------------------------------------------
koratsuki at happyharry:~$ nmap --script smb-vuln-ms08-067.nse -p445
smb-addc.tld
Starting Nmap 7.50 (
2018 Jun 18
0
CVE-2008-4250?
...r, the RNG_ERROR
(yet another way to say not implemented) included.
Hopefully this is enough to assist you, if you need to assuage an
auditor then I suggest submitting a patch implementing it.
This won't be hard, the clue is in the implementation note:
https://msdn.microsoft.com/en-us/library/cc247297.aspx#Appendix_A_116
<116>
Section 3.1.4.31: The server does a standard C string comparison on the
canonicalized path names and returns the result.
<117>
Section 3.1.4.31: No security restrictions are imposed by Windows-based
server implementations on the caller.
I hope this helps,
A...