http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1148
Summary: LDAP parser error on NTLMSSP authentication + probably
NTLMSSP encryption
Product: Wireshark
Version: 0.99.3
Platform: PC
OS/Version: Windows Server 2003
Status: NEW
Severity: Blocker
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: ondra@xxxxxxxxxxx
Build Information:
Version 0.99.3 (SVN Rev 19011)
Copyright 1998-2006 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.6.9, with GLib 2.6.6, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.3.1, with ADNS, with Lua
5.1.
Running with WinPcap version 3.1 (packet.dll version 3, 1, 0, 27), based on
libpcap version 0.9[.x] on Windows Server 2003 Service Pack 1, build 3790.
--
When I capture LDAP traffic produced by Microsoft ISA Server 2006 LDAP
authentication, the parser and its product is errorneous.
The LDAP traffic tryies to connect using NTLM (NTLMSSP) authentication provider
and the parser seems to do not understand this kind of traffic.
The whole capture is available at:
http://www.sevecek.com/res/ldap-error-ntlmssp.pcap
Look especially at the packets between 192.168.1.10 (which is actually a
Windows Server 2003 Domain Controller, so that it runs MS LDAP server) and
192.168.1.1 which is the Microsoft ISA Server 2006 running on MS Windows Server
2003.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.