CVE ID
CVE-2016-2118
DESCRIPTION
A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
Unitrends risk assessment: Severity Low
The samba configuration on Unitrends systems is using share security with restriction by IP address, so there is no samba user/password information to be revealed. This is a much greater risk on Windows systems or with Active Directory.
RESOLUTION
Fixed in CentOS6 update versions: samba-3.6.23-30.el6_7
To apply the fix, download the latest Unitrends security update from the ftp site.