BADLOCK: Protocol-Downgrade Vulnerability in Samba 3.x and 4.x

BADLOCK: Protocol-Downgrade Vulnerability in Samba 3.x and 4.x

CVE-2016-2118 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Learn more about our Cis Benchmark Audit For Server Software.