Red Hat fixes the Badlock vulnerability in Samba.

Source: Internet
Author: User

Red Hat recently announced a protocol flaw in the way its products interact with Windows AD and the Samba service. The vulnerability affects Red Hat Identity Management, Red Hat Gluster Storage, and RHEL Samba servers and clients.

Red Hat Access Labs has built specialized vulnerability detection and analysis rules to help users understand the risks posed by published vulnerabilities. We recommend that you install the patches as soon as possible.

Vulnerability details

Badlock is a "protocol/man-in-the-middle" attack vulnerability that can be exploited by impersonating a user identity authenticated by Windows AD. In this attack, the attacker can be granted permission to read and write the SAM database, which may lead to leakage of all user names, passwords, and other sensitive information.

The Red Hat security team has assigned the Badlock vulnerability CVE-2016-2118 and rated its severity as Important. Administrators can visit the official Red Hat website for details and should apply the fix as soon as possible.

Note: Red Hat describes this Samba protocol issue under CVE-2016-2118, while Microsoft's security bulletin describes it under CVE-2016-0128. The two CVE IDs are different, but both refer to Badlock.

This vulnerability may affect the following applications:

  • File servers or print servers that run the Samba service
  • Red Hat Identity Management products that use Samba
  • Red Hat Gluster Storage installations that have Samba installed
  • Samba servers acting as AD domain members. Attackers can impersonate a client to obtain the authentication communications between domain members and domain controllers.
