150004 – samba mishandles plaintext passwords

Bug 150004 - samba mishandles plaintext passwords

Summary: samba mishandles plaintext passwords

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	samba
Sub Component:
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jay Fenlason
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:	NdRvw
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-03-01 16:09 UTC by Steve Conklin
Modified:	2014-08-31 23:27 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-01-24 21:36:15 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
This is the patch from the samba BZ that reportedly solved the problem (814 bytes, patch) 2005-03-01 16:09 UTC, Steve Conklin	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Samba Project	2323	0	None	None	None	Never

Description Steve Conklin 2005-03-01 16:09:52 UTC

Created attachment 111529 [details]
This is the patch from the samba BZ that reportedly solved the problem

Comment 1 Steve Conklin 2005-03-01 16:09:52 UTC

Description of problem:

Samba mishandles plaintext passwords

Using samba 3.0.10 on RHEL 3 as server (using unencrypted passwords and PAM
auth) and a Win XP client machine.  On initial attempt to connect, we've been
seeing PAM auth failures that I've traced back to the server seeing password =
username despite that not being the case on the wire (password is NULL as
windows appears to be trying NULL before promtping for a password).

https://bugzilla.samba.org/show_bug.cgi?id=2323

Comment 14 David Lawrence 2006-04-18 20:37:06 UTC

NEEDINFO_ENG has been deprecated in favor of NEEDINFO or ASSIGNED. Changing
status to ASSIGNED for ENG review.

Note You need to log in before you can comment on or make changes to this bug.