search for: securabv

...ow should patch their installations and packages to change this default, as values of: - server schannel = no - server schannel = auto are NOT secure and we expect can result in full domain compromise, particularly for AD domains. Some public exploit tests, such as https://github.com/SecuraBV/CVE-2020-1472/blob/master/zerologon_tester.py only confirm that a ServerAuthenticate3 call operates, but not that the ServerPasswordSet2 call required to exploit the domain also operates. We are well aware of administrator concern and are looking to provide patches that provide mitigation her...

...ow should patch their installations and packages to change this default, as values of: - server schannel = no - server schannel = auto are NOT secure and we expect can result in full domain compromise, particularly for AD domains. Some public exploit tests, such as https://github.com/SecuraBV/CVE-2020-1472/blob/master/zerologon_tester.py only confirm that a ServerAuthenticate3 call operates, but not that the ServerPasswordSet2 call required to exploit the domain also operates. We are well aware of administrator concern and are looking to provide patches that provide mitigation her...