Описание
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux Extended Update Support 5.6 | samba | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.6 | samba3x | Affected | ||
| Red Hat Enterprise Linux 4 Extended Lifecycle Support | samba | Fixed | RHSA-2016:0625 | 12.04.2016 |
| Red Hat Enterprise Linux 5 | samba3x | Fixed | RHSA-2016:0613 | 12.04.2016 |
| Red Hat Enterprise Linux 5 | samba | Fixed | RHSA-2016:0621 | 12.04.2016 |
| Red Hat Enterprise Linux 5.6 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
| Red Hat Enterprise Linux 5.6 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
| Red Hat Enterprise Linux 5.9 Long Life | samba | Fixed | RHSA-2016:0623 | 12.04.2016 |
| Red Hat Enterprise Linux 5.9 Long Life | samba3x | Fixed | RHSA-2016:0624 | 12.04.2016 |
| Red Hat Enterprise Linux 6 | samba | Fixed | RHSA-2016:0611 | 12.04.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x ...
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
Уязвимость протокола MS-SAMR и MS-LSAD пакета программ сетевого взаимодействия Samba, связанная с недостатками элементов безопасности, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2