[Pkg-samba-maint] Bug#845342: Bug#845342: samba-common-bin: nmblookup broken over routed connection?
Jelmer Vernooij
jelmer at jelmer.uk
Tue Nov 22 16:46:45 UTC 2016
On Tue, Nov 22, 2016 at 05:17:09PM +0100, herrmann wrote:
> Package: samba-common-bin
> Version: 2:4.2.10+dfsg-0+deb8u3
> Severity: important
> Tags: upstream
>
> Today we had the (very!) rare chance to restart all our windows 2012 domain
> controllers and to apply all outstanding windows updates of the past few
> monthes.
>
> Since then nmblookup is no longer able to lookup names or ip addresses when the
> target is accessible over a routed connection only. It works well, when the
> target is in the same subnet. We use nmblookup on a daily base, and until
> yesterday it worked. So I guess, that one of the windows updates is responsible
> for this new behaviour (maybe CVE-2016-3236).
>
> Looking up the domain controllers Port 137 UDP (which is used by nmblookup)
> with nmap on a routed connection shows the port as closed. Looking up the same
> port on a direct connection shows it as open. This behaviour seems not to be
> linked to the windows firewall.
>
> I may be hunting a ghost, but if not, it might be a good idea, to consider
> nmblookup dead and either mark it as deprecated or better remove it from the
> package. There are other ways, to find domain controllers and their addresses.
>
> Unfortunately I have no idea, which other packages might depend on nmblookup.
> In my case it was basic_smb_auth.sh in package squid3, which no longer works
> (so I replaced the lookups with static entries).
This is not a bug on the Samba side.
nmblookup is a tool that can look up NetBIOS names, which it can still do.
Other versions of Windows and Samba itself still do support NetBIOS.
More information about the Pkg-samba-maint
mailing list