Bug #1894
Samba password hash disclosure
Status: | CLOSED | Start date: | 04/29/2013 | |
---|---|---|---|---|
Priority: | High | Due date: | 04/29/2013 | |
Assignee: | - | % Done: | 100% | |
Category: | nethserver-directory | |||
Target version: | v6.4-beta1 | |||
Security class: | Resolution: | |||
Affected version: | v6.4-alpha2 | NEEDINFO: |
Description
The sambaNTPassword
LDAP attribute is still readable by authenticated users
that connects through the LDAP rewrite overlay
Reproducibility always
$ LDAPTLS_REQCERT=never ldapsearch -Z -x -H ldap://nethserver -D \ uid=myaccount,ou=People,dc=domain,dc=tld -b dc=domain,dc=tld -W
ACLs must be set also on the overlay
Related issues
Associated revisions
NethServer/Directory (enforceAccessDirective): apply configuration on both bdb and rwm slapd overlay. Refs #1894
History
#1 Updated by Davide Principi over 8 years ago
- Due date set to 04/29/2013
- Status changed from NEW to ON_DEV
- Assignee set to Davide Principi
- Start date set to 04/29/2013
- % Done changed from 0 to 30
#2 Updated by Davide Principi over 8 years ago
- Status changed from ON_DEV to ON_QA
- % Done changed from 30 to 80
#3 Updated by Davide Principi over 8 years ago
- Status changed from ON_QA to MODIFIED
- % Done changed from 80 to 100
In nethserver-samba-1.1.0-32.0git737306ee.ns6.noarch
#4 Updated by Davide Principi about 8 years ago
- Status changed from MODIFIED to CLOSED