Back to bug 1317990
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-03-15 17:17:41 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-15 17:17:41 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-03-15 17:18:38 UTC | Alias | BADLOCK | |
| Whiteboard | impact=important,public=no,reported=20161015,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=new,rhel-5/samba3x=new,rhel-6/samba4=new,rhel-6/samba=new,rhel-7/samba=new,rhes-3.1/samba=new,fedora-all/samba=affected | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=new,rhel-5/samba3x=new,rhel-6/samba4=new,rhel-6/samba=new,rhel-7/samba=new,rhes-3.1/samba=new,fedora-all/samba=affected | ||
| Adam Mariš | 2016-03-15 17:21:49 UTC | Blocks | 1311915 | |
| Huzaifa S. Sidhpurwala | 2016-03-24 02:52:10 UTC | Whiteboard | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=new,rhel-5/samba3x=new,rhel-6/samba4=new,rhel-6/samba=new,rhel-7/samba=new,rhes-3.1/samba=new,fedora-all/samba=affected | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:06 UTC | Depends On | 1322684 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:16 UTC | Depends On | 1322685 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:23 UTC | Depends On | 1322686 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:33 UTC | Depends On | 1322687 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:41 UTC | Depends On | 1322688 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:51 UTC | Depends On | 1322689 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:59 UTC | Depends On | 1322690 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:09 UTC | Depends On | 1322691 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:17 UTC | Depends On | 1322692 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:23:22 UTC | CC | abokovoy, madam | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:32:58 UTC | CC | rhack | |
| Clifford Perry | 2016-04-04 13:06:54 UTC | CC | cperry | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:40:34 UTC | Whiteboard | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:42:50 UTC | Depends On | 1324800 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:42:59 UTC | Depends On | 1324801 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:07 UTC | Depends On | 1324802 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:17 UTC | Depends On | 1324803 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:25 UTC | Depends On | 1324804 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:34 UTC | Depends On | 1324805 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:42 UTC | Depends On | 1324806 | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:52 UTC | Depends On | 1324807 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:00:22 UTC | Whiteboard | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:06 UTC | Depends On | 1325382 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:18 UTC | Depends On | 1325383 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:28 UTC | Depends On | 1325384 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:40 UTC | Depends On | 1325385 | |
| Huzaifa S. Sidhpurwala | 2016-04-09 05:19:58 UTC | Doc Text | A protocol flaw was found in the Security Account Manager Remote Protocol [MS-SAMR] and the Local Security Authority (Domain Policy) Remote Protocol [MS-LSAD]. Any authenticated DCERPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, which could reveal all passwords and any other potentially sensitive information. | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:15:59 UTC | Depends On | 1325645 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:23:48 UTC | Depends On | 1325649 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:03 UTC | Depends On | 1325650 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:15 UTC | Depends On | 1325651 | |
| Huzaifa S. Sidhpurwala | 2016-04-11 05:40:20 UTC | Whiteboard | impact=important,public=no,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=important,public=20160412,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Martin Prpič | 2016-04-11 07:05:09 UTC | Doc Text | A protocol flaw was found in the Security Account Manager Remote Protocol [MS-SAMR] and the Local Security Authority (Domain Policy) Remote Protocol [MS-LSAD]. Any authenticated DCERPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, which could reveal all passwords and any other potentially sensitive information. | A protocol flaw was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:35:12 UTC | Whiteboard | impact=important,public=20160412,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=important,public=20160412,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:37:14 UTC | Depends On | 1325832 | |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:39:10 UTC | Depends On | 1325838 | |
| Martin Prpič | 2016-04-11 13:12:33 UTC | Doc Text | A protocol flaw was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. | A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. |
| Martin Prpič | 2016-04-12 09:41:29 UTC | Alias | BADLOCK | Badlock |
| Jose A. Rivera | 2016-04-12 12:28:13 UTC | Status | NEW | ON_QA |
| Fixed In Version | 4.2.11-1 | |||
| Tomas Hoger | 2016-04-12 12:38:19 UTC | Status | ON_QA | NEW |
| Fixed In Version | 4.2.11-1 | |||
| Huzaifa S. Sidhpurwala | 2016-04-12 14:20:59 UTC | Depends On | 1326361 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:21:27 UTC | Depends On | 1326362 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:22:06 UTC | Depends On | 1326364 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:22:14 UTC | Depends On | 1326365 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:26:29 UTC | Depends On | 1326368 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:26:48 UTC | Depends On | 1326369 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 14:29:52 UTC | Depends On | 1326370 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 17:13:21 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-2118 samba: SAMR and LSA man in the middle attacks | CVE-2016-2118 samba: SAMR and LSA man in the middle attacks | ||
| Siddharth Sharma | 2016-04-12 17:27:46 UTC | Depends On | 1326453 | |
| Tomas Hoger | 2016-04-12 20:35:39 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | |
| Yasuhiro Ozone | 2016-04-12 23:02:15 UTC | CC | yozone | |
| Jay Shin | 2016-04-12 23:52:51 UTC | CC | jaeshin | |
| Link ID | Red Hat Knowledge Base (Article) 2243351 | |||
| Jay Shin | 2016-04-12 23:53:16 UTC | Link ID | Red Hat Knowledge Base (Article) 2253041 | |
| Jay Shin | 2016-04-12 23:53:47 UTC | Link ID | Red Hat Knowledge Base (Solution) 2255271 | |
| Tomas Hoger | 2016-04-13 11:56:19 UTC | Depends On | 1326369 | |
| Tomas Hoger | 2016-04-13 11:58:53 UTC | Depends On | 1326368 | |
| Tomas Hoger | 2016-04-13 11:59:04 UTC | Depends On | 1326370 | |
| Tomas Hoger | 2016-04-13 12:03:03 UTC | Depends On | 1326365 | |
| Tomas Hoger | 2016-04-13 12:03:11 UTC | Depends On | 1326364 | |
| Tomas Hoger | 2016-04-13 12:03:13 UTC | Depends On | 1326362 | |
| Tomas Hoger | 2016-04-13 12:03:17 UTC | Depends On | 1326361 | |
| Tomas Hoger | 2016-04-13 12:47:56 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | samba 4.4.1, samba 4.3.7, samba 4.2.10 |
| Huzaifa S. Sidhpurwala | 2016-04-19 05:49:02 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-19 01:49:02 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:56 UTC | Whiteboard | impact=important,public=20160412,reported=20160315,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-300,rhel-5/samba=affected,rhel-5/samba3x=affected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected |
Back to bug 1317990