CVE-2016-2118

high-risk
Published 2016-04-12

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Do I need to act?

!
78.5% chance of exploitation in next 30 days
EPSS score — higher than 21% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / HIGH complexity

Affected Products (9)

Affected Vendors

Debian Samba Canonical

References (90)

Technical Description http://badlock.org/
Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0611.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0612.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0613.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0614.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0618.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0619.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0620.html
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-0621.html
and 70 more references
57
/ 100
high-risk
Severity 22/34 · High
Exploitability 20/34 · Moderate
Exposure 15/34 · Moderate