CVE-2016-2118: Samba Badlock vulnerability
A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.

Unitrends risk assessment: Severity Low

The Samba configuration on Unitrends systems uses share-level security with access restricted by IP address, so there is no Samba user/password information to be revealed. The vulnerability is a much greater risk on Windows systems or in Active Directory environments.


Fixed in CentOS 6 update version: samba-3.6.23-30.el6_7

To apply the fix, download the latest Unitrends security update from the FTP site.
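As an added example, not part of the Unitrends article or its update package, the following POSIX shell script decides whether a CentOS 6 Samba RPM is at or above the fixed build named above, so an administrator can confirm the update actually landed. The function names are this example's own, the RPM version ordering is approximated with `sort -V` rather than rpmvercmp, and package epochs are ignored; the sample package strings used in the usage comment are constructed.

```shell
#!/bin/sh
# Added example (not Unitrends code): check an installed CentOS 6 Samba
# RPM against the build the article names as carrying the Badlock fix.
# Assumptions: version ordering is approximated with `sort -V` (close to
# rpmvercmp for el6 samba strings); epochs are ignored.

FIXED_SAMBA="samba-3.6.23-30.el6_7"

# version_release PKG: print "<version>-<release>" of an RPM package string,
# dropping an architecture suffix as printed by `rpm -q`.
#   samba-3.6.23-30.el6_7.x86_64 -> 3.6.23-30.el6_7
version_release() {
    pkg=$1
    case $pkg in
        *.x86_64|*.i686|*.i386|*.noarch) pkg=${pkg%.*} ;;
    esac
    # The package name may itself contain dashes (samba-common-...), so the
    # last two dash-separated fields are taken as version and release.
    rel=${pkg##*-}
    rest=${pkg%-*}
    ver=${rest##*-}
    printf '%s-%s\n' "$ver" "$rel"
}

# is_patched PKG: succeed (exit 0) when PKG is at or above FIXED_SAMBA.
is_patched() {
    installed=$(version_release "$1")
    fixed=$(version_release "$FIXED_SAMBA")
    # Under version sort the older string comes first; if the fixed
    # version sorts first (or both are equal) the host carries the fix.
    lowest=$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | head -n 1)
    [ "$lowest" = "$fixed" ]
}

# report PKG: human-readable verdict for one package string.
report() {
    if is_patched "$1"; then
        echo "$1: at or above $FIXED_SAMBA (Badlock fix present)"
    else
        echo "$1: older than $FIXED_SAMBA (update required)"
    fi
    return 0
}

# check_host: query the local RPM database and report every samba package.
check_host() {
    if ! rpm -q samba >/dev/null 2>&1; then
        echo "samba is not installed on this host"
        return 0
    fi
    rpm -q samba | while IFS= read -r installed; do
        report "$installed"
    done
}

# Usage: sh badlock_check.sh [PACKAGE_STRING ...]
#   with arguments, judge each given RPM string offline, e.g.
#     sh badlock_check.sh samba-3.6.9-169.el6_5.x86_64   (constructed sample)
#   without arguments, query the local rpm database when rpm is present.
if [ "$#" -gt 0 ]; then
    for pkg in "$@"; do report "$pkg"; done
elif command -v rpm >/dev/null 2>&1; then
    check_host
fi
```

Run it with no arguments on the CentOS 6 host after applying the Unitrends update; a verdict of "update required" means the installed samba package is still older than the fixed build.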