Univention Bugzilla – Full Text Bug Listing |
Summary: | UCS still allows NTLMv1, should switch to Samba default "ntlmv2-only" | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Samba4 | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
Severity: | normal | ||
Priority: | P3 | CC: | best, gohmann, grandjean |
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
URL: | https://wiki.samba.org/index.php/Samba_4.7_Features_added/changed#Parameter_changes | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Security | |
Max CVSS v3 score: | |||
Bug Depends on: | 42847 | ||
Bug Blocks: | 47100 |
Description
Arvid Requate
2018-04-05 13:42:19 CEST
a2579401a4 | Adjust default for samba/ntlm/auth ("ntlm auth") to match samba 53f2c1d2a8 | Advisory OK - ntlmv2-only is default for ntlm auth OK - UCR description OK - yaml Reopen: Also needed fixing in univention-samba: 2e73fefa7e | Similar patch for univention-samba 553b50d887 | Advisory OK - univention-samba OK - yaml |