Badlock

Badlock
	Logo representing Badlock.
CVE identifier(s)	CVE-2016-2118
Website	https://web.archive.org/web/20170608065927/http://badlock.org/

Short description: Security bug

Badlock (CVE-2016-2118) is a security bug disclosed on April 12, 2016 affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols^[1] supported by Windows and Samba servers.^[2]

Both SAM and LSAD are layered onto the DCE 1.1 Remote Procedure Call (DCE/RPC) protocol. As implemented in Samba and Windows, the RPC services allowed an attacker to become man in the middle.^[3] Although the vulnerability was discovered during the development of Samba, the namegiving SMB protocol itself is not affected.

References

↑ "Microsoft Security Bulletin MS16-047". Microsoft TechNet. 2016-04-12. https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-047.
↑ "Badlock Bug". http://badlock.org/.
↑ "CVE-2016-2118". https://www.samba.org/samba/security/CVE-2016-2118.html.

External links

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Badlock. Read more

[1] "Microsoft Security Bulletin MS16-047". Microsoft TechNet. 2016-04-12. https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-047.

[2] "Badlock Bug". http://badlock.org/.

[3] "CVE-2016-2118". https://www.samba.org/samba/security/CVE-2016-2118.html.

[1]

[2]

[3]

Anonymous

Search

Badlock

Namespaces

More

Page actions

References

External links

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

Badlock

References

External links

Navigation

Wiki tools

Page tools

Other projects

Categories