Bug 1317990 (Badlock, CVE-2016-2118)
Summary: | CVE-2016-2118 samba: SAMR and LSA man in the middle attacks | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | aavati, abokovoy, asn, cperry, gdeschner, jaeshin, jarrpa, madam, nlevinki, rfortier, rhack, sbose, security-response-team, sgirijan, smohan, ssaha, vbellur, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | samba 4.4.1, samba 4.3.7, samba 4.2.10 | Doc Type: | Bug Fix |
Doc Text: |
A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2016-04-19 05:49:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1322684, 1322685, 1322686, 1322687, 1322688, 1322689, 1322690, 1322691, 1322692, 1324800, 1324801, 1324802, 1324803, 1324804, 1324805, 1324806, 1324807, 1325382, 1325383, 1325384, 1325385, 1325645, 1325649, 1325650, 1325651, 1325832, 1325838, 1326453 | ||
Bug Blocks: | 1311915 |
Description
Adam Mariš
2016-03-15 17:17:41 UTC
Acknowledgments: Name: the Samba project Upstream: Stefan Metzmacher (SerNet) Created samba tracking bugs for this issue: Affects: fedora-all [bug 1326453] This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0611 https://rhn.redhat.com/errata/RHSA-2016-0611.html This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2016:0613 https://rhn.redhat.com/errata/RHSA-2016-0613.html This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2016:0621 https://rhn.redhat.com/errata/RHSA-2016-0621.html This issue has been addressed in the following products: Red Hat Enterprise Linux 5.6 Long Life Red Hat Enterprise Linux 5.9 Long Life Via RHSA-2016:0624 https://rhn.redhat.com/errata/RHSA-2016-0624.html This issue has been addressed in the following products: Red Hat Enterprise Linux 5.6 Long Life Red Hat Enterprise Linux 5.9 Long Life Via RHSA-2016:0623 https://rhn.redhat.com/errata/RHSA-2016-0623.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Red Hat Enterprise Linux 6.2 Advanced Update Support Red Hat Enterprise Linux 6.6 Extended Update Support Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2016:0619 https://rhn.redhat.com/errata/RHSA-2016-0619.html This issue has been addressed in the following products: Red Hat Enterprise Linux 4 Extended Lifecycle Support Via RHSA-2016:0625 https://rhn.redhat.com/errata/RHSA-2016-0625.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Extended Update Support Red Hat Enterprise Linux 6.5 Advanced Update Support Red Hat Enterprise Linux 6.4 Advanced Update Support Red Hat Enterprise Linux 6.2 Advanced Update Support Via RHSA-2016:0620 https://rhn.redhat.com/errata/RHSA-2016-0620.html This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 7 Red Hat Gluster Storage 3.1 for RHEL 6 Via RHSA-2016:0614 https://rhn.redhat.com/errata/RHSA-2016-0614.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2016:0612 https://rhn.redhat.com/errata/RHSA-2016-0612.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7.1 Extended Update Support Via RHSA-2016:0618 https://rhn.redhat.com/errata/RHSA-2016-0618.html samba-4.3.8-0.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. samba-4.2.11-0.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. samba-4.4.2-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. |