[prev in list] [next in list] [prev in thread] [next in thread]
List: cifs-protocol
Subject: Re: [cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 -
From: Andrew Bartlett via cifs-protocol <cifs-protocol () lists ! samba ! org>
Date: 2024-04-10 2:42:12
Message-ID: 65eb67bdc9bd93c8d1a47de961781cf67de256ec.camel () samba ! org
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Thanks Jeff, looking forward to hearing from your team.
Andrew,
On Wed, 2024-04-10 at 01:20 +0000, Jeff McCashland (He/him) via cifs-
protocol wrote:
> Sending again, as I received an error that the Samba server rejected
> my message as spam.
>
>
>
>
>
>
>
> Thank you for your question. We have created SR 2404100040000280 to
> track this issue. One of our engineers will respond soon.
>
>
>
>
>
>
>
> Best regards,
>
>
> Jeff McCashland (He/him)
> > Senior Escalation Engineer | Microsoft Protocol Open Specifications
> Team
>
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-
> 08:00) Pacific Time (US and Canada)
>
> Local country phone number found here:
> http://support.microsoft.com/globalenglish |
> Extension 1138300
>
>
>
>
>
>
>
>
>
>
> From: Jeff McCashland (He/him) <jeffm@microsoft.com>
>
> Sent: Tuesday, April 9, 2024 6:13 PM
>
> To: Andrew Bartlett <abartlet@samba.org>
>
> Cc: cifs-protocol mailing list <cifs-protocol@lists.samba.org>;
> Microsoft Support <supportmail@microsoft.com>
>
> Subject: [MS-KILE] PAC Validation changes related to CVE-2024-26248
> and CVE-2024-29056 - TrackingID#2404100040000280
>
>
>
>
> [DocHelp to BCC, support on CC, Updated Subject w/SR ID]
>
>
>
>
>
>
>
> Hi Andrew,
>
>
>
>
>
>
>
> Thank you for your question. We have created SR 2404100040000280 to
> track this issue. One of our engineers will respond soon.
>
>
>
>
>
>
> Best regards,
>
> Jeff McCashland (He/him)
> > Senior Escalation Engineer | Microsoft Protocol Open Specifications
> Team
>
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-
> 08:00) Pacific Time (US and Canada)
>
> Local country phone number found here:
> http://support.microsoft.com/globalenglish |
> Extension 1138300
>
>
>
>
>
>
>
>
>
>
> From: Andrew Bartlett <abartlet@samba.org>
>
> Sent: Tuesday, April 9, 2024 4:52 PM
>
> To: Interoperability Documentation Help <dochelp@microsoft.com>
>
> Cc: cifs-protocol mailing list <cifs-protocol@lists.samba.org>
>
> Subject: [EXTERNAL] Looking for missing documentation (MS-KILE?) for
> CVE-2024-21427, CVE-2024-20674 and PAC signature changes
>
>
>
> Kia Ora Dochelp,
>
>
>
> Recently I saw "KB5037754: How to manage PAC Validation changes
> related
>
> to CVE-2024-26248 and CVE-2024-29056" was published.
>
>
>
> Can I have a pointer to the new NETLOGON behaviour and the new
>
> structures for the SamLogon PAC validation, and the new required
>
> behaviours so a Samba AD DC can handle this?
>
>
>
> I don't see any errata that looks relevant yet.
>
>
>
> Thanks,
>
>
>
> Andrew Bartlett
>
> --
>
>
>
> Andrew Bartlett (he/him)
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abart \
> let%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f \
> 988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148287662%7CUnknown%7CTWFpbGZsb3d8e \
> yJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=DoJv%2Fk%2FvbO065BiRFszlshQA22xOg48Dog5Slvkf%2BwU%3D&reserved=0
>
> Samba Team Member (since 2001)
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&data= \
> 05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141a \
> f91ab2d7cd011db47%7C1%7C0%7C638483036148294830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wL \
> jAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=iqXfl5Npw3y8oT3gCVqhg1tMa7RBaWrmDS1yNY%2FDhS8%3D&reserved=0
>
> Samba Team Lead
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2F \
> services%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0 \
> 416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148298984%7CUnknown%7CTWF \
> pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=7iA%2F%2FgX1QA6n04F9d7nsyTdPCEYJ1abbGket9g4b1E8%3D&reserved=0
>
> Catalyst.Net Ltd
>
>
>
>
>
> Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
>
> company
>
>
>
> Samba Development and Support:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2F \
> services%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0 \
> 416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148301821%7CUnknown%7CTWF \
> pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=NvjLgvKGmHyq%2FQkJX2DrxX62nsmQEa4G4e%2BzkgRCMJc%3D&reserved=0
>
>
>
> Catalyst IT - Expert Open Source Solutions
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________cifs-protocol mailing
> listcifs-protocol@lists.samba.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead https://catalyst.net.nz/services/samba
Catalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company
Samba Development and Support: https://catalyst.net.nz/services/samba
Catalyst IT - Expert Open Source Solutions
[Attachment #5 (text/html)]
<html dir="ltr"><head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} \
</style> </head>
<body dir="ltr" style="text-align:left; direction:ltr;"><div>Thanks Jeff, looking \
forward to hearing from your \
team.</div><div><br></div><div>Andrew,</div><div><br></div><div>On Wed, 2024-04-10 at \
01:20 +0000, Jeff McCashland (He/him) via cifs-protocol wrote:</div><blockquote \
type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf \
solid;padding-left:1ex"> <div class="elementToProof" style="font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: \
11pt; color: rgb(0, 0, 0);"> Sending again, as I received an error that the Samba \
server rejected my message as spam. </div> <div class="elementToProof" \
style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, \
Helvetica, sans-serif; font-size: 11pt; color: rgb(0, 0, 0);"> <br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> Thank you for your question. We have created SR 2404100040000280 to track \
this issue. One of our engineers will respond soon. </div> <div \
class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> <br>
</div>
<div class="elementToProof" style="font-family: Arial, sans-serif; font-size: 10pt; \
color: blue;"> Best regards,</div>
<div class="elementToProof" style="font-family: Arial, sans-serif; font-size: 11pt; \
color: rgb(0, 0, 0);"> <span style="font-size: 10pt; color: navy;"><b><i>Jeff \
M</i></b></span><span style="font-size: 10pt; color: rgb(0, 32, \
96);"><b><i><sup>c</sup></i></b></span><span style="font-size: 10pt; color: \
navy;"><b><i>Cashland (He/him) </i>| Senior Escalation Engineer<i> | \
Microsoft</i></b></span><span style="color: navy;"><b> </b></span><span \
style="font-size: 10pt; color: navy;"><b>Protocol Open Specifications \
Team</b></span></div> <p><span style="font-family: Arial, sans-serif; font-size: 9pt; \
color: blue;">Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: \
(UTC-08:00) Pacific Time (US and Canada)</span></p> <p><span style="font-family: \
Arial, sans-serif; font-size: 8pt; color: blue;">Local country phone number found \
here: </span><span style="font-family: Arial, sans-serif; font-size: 8pt; color: \
rgb(47, 84, 150);"><a href="http://support.microsoft.com/globalenglish" \
id="OWA5c43953c-a33a-b8e4-ec88-e197e7547f82" class="OWAAutoLink" \
data-loopstyle="linkonly" style="margin-top: 0px; margin-bottom: \
0px;">http://support.microsoft.com/globalenglish</a></span><span style="font-family: \
Arial, sans-serif; font-size: 8pt; color: blue;"> | Extension \
1138300</span></p> <p> </p>
<div style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, \
Helvetica, sans-serif; font-size: 11pt; color: rgb(0, 0, 0);"> <br>
</div>
<hr style="display: inline-block; width: 98%;">
<div style="direction: ltr; font-family: Calibri, sans-serif; font-size: 11pt; color: \
rgb(0, 0, 0);"> <b>From:</b> Jeff McCashland (He/him) \
<jeffm@microsoft.com><br> <b>Sent:</b> Tuesday, April 9, 2024 6:13 PM<br>
<b>To:</b> Andrew Bartlett <abartlet@samba.org><br>
<b>Cc:</b> cifs-protocol mailing list <cifs-protocol@lists.samba.org>; \
Microsoft Support <supportmail@microsoft.com><br> \
<b>Subject:</b> [MS-KILE] PAC Validation changes related to CVE-2024-26248 and \
CVE-2024-29056 - TrackingID#2404100040000280</div> <div style="direction: \
ltr;"> </div> <div style="direction: ltr; font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: \
11pt; color: rgb(0, 0, 0);"> [DocHelp to BCC, support on CC, Updated Subject w/SR \
ID]</div> <div style="direction: ltr; font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> <br>
</div>
<div style="direction: ltr; font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> Hi Andrew,</div>
<div style="direction: ltr; font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> <br>
</div>
<div style="direction: ltr; font-family: Aptos, Aptos_EmbeddedFont, \
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, \
0, 0);"> Thank you for your question. We have created SR 2404100040000280 to track \
this issue. One of our engineers will respond soon. </div> <div \
style="direction: ltr; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, \
Calibri, Helvetica, sans-serif; font-size: 11pt; color: rgb(0, 0, 0);"> <br>
</div>
<p style="direction: ltr; margin-top: 0px; margin-bottom: 0px;"><span \
style="font-family: Arial, sans-serif; font-size: 10pt; color: blue;">Best \
regards,</span><span style="font-family: Arial, sans-serif; font-size: 10pt; color: \
navy;"><b><br> <i>Jeff M</i></b></span><span style="font-family: Arial, sans-serif; \
font-size: 10pt; color: rgb(0, 32, 96);"><b><i><sup>c</sup></i></b></span><span \
style="font-family: Arial, sans-serif; font-size: 10pt; color: navy;"><b><i>Cashland \
(He/him) </i>| Senior Escalation Engineer<i> | Microsoft</i></b></span><span \
style="font-family: Arial, sans-serif; color: navy;"><b> </b></span><span \
style="font-family: Arial, sans-serif; font-size: 10pt; color: navy;"><b>Protocol \
Open Specifications Team</b></span></p> <p style="direction: ltr; margin-top: 0px; \
margin-bottom: 0px;"><span style="font-family: Arial, sans-serif; font-size: 9pt; \
color: blue;">Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: \
(UTC-08:00) Pacific Time (US and Canada)</span></p> <p style="direction: ltr; \
margin-top: 0px; margin-bottom: 0px;"><span style="font-family: Arial, sans-serif; \
font-size: 8pt; color: blue;">Local country phone number found here: </span><span \
style="font-family: Arial, sans-serif; font-size: 8pt; color: rgb(47, 84, 150);"><a \
href="http://support.microsoft.com/globalenglish" \
id="OWA337c3931-7b89-5604-3846-41785c331979" class="x_OWAAutoLink" \
data-auth="NotApplicable" data-loopstyle="linkonly" style="margin-top: 0px; \
margin-bottom: 0px;">http://support.microsoft.com/globalenglish</a></span><span \
style="font-family: Arial, sans-serif; font-size: 8pt; color: blue;"> | \
Extension 1138300</span></p> <p style="direction: ltr; margin-top: 0px; \
margin-bottom: 0px;"> </p> <div style="direction: ltr; font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: \
11pt; color: rgb(0, 0, 0);"> <br>
</div>
<hr style="direction: ltr; display: inline-block; width: 98%;">
<div style="direction: ltr; font-family: Calibri, sans-serif; font-size: 11pt; color: \
rgb(0, 0, 0);"> <b>From:</b> Andrew Bartlett <abartlet@samba.org><br>
<b>Sent:</b> Tuesday, April 9, 2024 4:52 PM<br>
<b>To:</b> Interoperability Documentation Help <dochelp@microsoft.com><br>
<b>Cc:</b> cifs-protocol mailing list <cifs-protocol@lists.samba.org><br>
<b>Subject:</b> [EXTERNAL] Looking for missing documentation (MS-KILE?) for \
CVE-2024-21427, CVE-2024-20674 and PAC signature changes</div> <div style="direction: \
ltr;"> </div> <div style="direction: ltr; font-size: 11pt;">Kia Ora Dochelp,<br>
<br>
Recently I saw "KB5037754: How to manage PAC Validation changes related<br>
to CVE-2024-26248 and CVE-2024-29056" was published.<br>
<br>
Can I have a pointer to the new NETLOGON behaviour and the new<br>
structures for the SamLogon PAC validation, and the new required<br>
behaviours so a Samba AD DC can handle this?<br>
<br>
I don't see any errata that looks relevant yet.<br>
<br>
Thanks,<br>
<br>
Andrew Bartlett<br>
--<br>
<br>
Andrew Bartlett (he/him) <a \
href="https://samba.org/~abartlet/" id="OWAb0a12e9a-e322-9790-2d6a-6c8570553172" \
class="x_OWAAutoLink" data-auth="NotApplicable" data-loopstyle="linkonly"> \
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abartle \
t%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f \
988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148287662%7CUnknown%7CTWFpbGZsb3d8eyJ \
WIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=DoJv%2Fk%2FvbO065BiRFszlshQA22xOg48Dog5Slvkf%2BwU%3D&reserved=0</a><br>
Samba Team Member (since 2001) <a href="https://samba.org/" \
id="OWAb791f6ef-b27d-4b6c-9dcd-dd3d38429373" class="x_OWAAutoLink" \
data-auth="NotApplicable" data-loopstyle="linkonly"> \
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&dat \
a=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141a \
f91ab2d7cd011db47%7C1%7C0%7C638483036148294830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA \
wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=iqXfl5Npw3y8oT3gCVqhg1tMa7RBaWrmDS1yNY%2FDhS8%3D&reserved=0</a><br>
Samba Team Lead \
<a href="https://catalyst.net.nz/services/samba" \
id="OWA31cb1cab-8d7e-0a65-7aba-5c2cf9465a1c" class="x_OWAAutoLink" \
data-auth="NotApplicable" data-loopstyle="linkonly"> \
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fse \
rvices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0 \
416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148298984%7CUnknown%7CTWFpb \
GZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7 \
C%7C&sdata=7iA%2F%2FgX1QA6n04F9d7nsyTdPCEYJ1abbGket9g4b1E8%3D&reserved=0</a><br>
Catalyst.Net Ltd<br>
<br>
<br>
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group<br>
company<br>
<br>
Samba Development and Support: <a href="https://catalyst.net.nz/services/samba" \
id="OWA1d03af79-24b1-b4b3-b38b-6e620464398d" class="x_OWAAutoLink" \
data-auth="NotApplicable" data-loopstyle="linkonly"> \
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fse \
rvices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0 \
416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148301821%7CUnknown%7CTWFpb \
GZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7 \
C%7C&sdata=NvjLgvKGmHyq%2FQkJX2DrxX62nsmQEa4G4e%2BzkgRCMJc%3D&reserved=0</a><br>
<br>
Catalyst IT - Expert Open Source Solutions<br>
<br>
<br>
<br>
</div>
<pre>_______________________________________________</pre><pre>cifs-protocol mailing \
list</pre><a href="mailto:cifs-protocol@lists.samba.org"><pre>cifs-protocol@lists.samba.org</pre></a><pre><br></pre><a \
href="https://lists.samba.org/mailman/listinfo/cifs-protocol"><pre>https://lists.samba \
.org/mailman/listinfo/cifs-protocol</pre></a><pre><br></pre></blockquote><div><span><pre>-- \
<br></pre><div style="width: 71ch;">Andrew Bartlett \
(he/him) <a \
href="https://samba.org/~abartlet/">https://samba.org/~abartlet/</a></div><div \
style="width: 71ch;" data-evo-signature-plain-text-mode="">Samba Team Member (since \
2001) <a href="https://samba.org">https://samba.org</a></div><div style="width: \
71ch;" data-evo-signature-plain-text-mode="">Samba Team Lead \
<a \
href="https://catalyst.net.nz/services/samba">https://catalyst.net.nz/services/samba</a></div><div \
style="width: 71ch;" data-evo-signature-plain-text-mode=""><span style="font-size: \
17.333334px;">Catalyst.Net Ltd</span></div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode=""><span style="font-size: \
17.333334px;"><br></span></div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode="">Proudly developing Samba for Catalyst.Net Ltd - \
a Catalyst IT group company</div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode=""><br></div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode="">Samba Development and Support: <a \
href="https://catalyst.net.nz/services/samba">https://catalyst.net.nz/services/samba</a></div><div \
style="width: 71ch;" data-evo-signature-plain-text-mode=""><br></div><div \
style="width: 71ch;" data-evo-signature-plain-text-mode="">Catalyst IT - Expert Open \
Source Solutions</div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode=""><br></div><div style="width: 71ch;" \
data-evo-signature-plain-text-mode=""><br></div></span></div></body></html>
_______________________________________________
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic