Badlock

From Handwiki
Short description: Security bug
Badlock
Badlock logo.svg
Logo representing Badlock.
CVE identifier(s)CVE-2016-2118
Websitehttps://web.archive.org/web/20170608065927/http://badlock.org/

Badlock (CVE-2016-2118) is a security bug disclosed on April 12, 2016 affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols[1] supported by Windows and Samba servers.[2]

Both SAM and LSAD are layered onto the DCE 1.1 Remote Procedure Call (DCE/RPC) protocol. As implemented in Samba and Windows, the RPC services allowed an attacker to become man in the middle.[3] Although the vulnerability was discovered during the development of Samba, the namegiving SMB protocol itself is not affected.

References

  1. "Microsoft Security Bulletin MS16-047". Microsoft TechNet. 2016-04-12. https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-047. 
  2. "Badlock Bug". http://badlock.org/. 
  3. "CVE-2016-2118". https://www.samba.org/samba/security/CVE-2016-2118.html. 

External links



Retrieved from "https://handwiki.org/wiki/index.php?title=Badlock&oldid=77093"

Categories: [Internet security] [Software bugs]

Download as ZWI file | Last modified: 12/18/2023 11:35:11 | 12 views
☰ Source: https://handwiki.org/wiki/Badlock | License: CC BY-SA 3.0

ZWI signed:
  Encycloreader by the Knowledge Standards Foundation (KSF) ✓[what is this?]

ZWI viewer by the EncyclosphereKSF