Badlock

Badlock
	Logo representing Badlock.
CVE identifier	CVE-2016-2118
Website	https://web.archive.org/web/20170608065927/http://badlock.org/

Badlock (CVE-2016-2118) is a security bug disclosed on April 12, 2016 affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols^[1] supported by Windows and Samba servers.^[2]

Both SAM and LSAD are layered onto the DCE 1.1 Remote Procedure Call (DCE/RPC) protocol. As implemented in Samba and Windows, the RPC services allowed an attacker to become man in the middle.^[3] Although the vulnerability was discovered during the development of Samba, the namegiving SMB protocol itself is not affected.

References

^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

External links

Badlock Bug at the Wayback Machine (archived 2017-06-08)

[1] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[2] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[3] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[1]

[2]

[3]

Badlock

References

External links

Navigation menu

Search