Samba Badlock Vulnerability

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

An SMB server running on the remote host is affected by the Badlock
vulnerability.

Description :

The version of Samba, a CIFS/SMB server for Linux and Unix, running on
the remote host is affected by a flaw, known as Badlock, that exists
in the Security Account Manager (SAM) and Local Security
Authority (Domain Policy) (LSAD) protocols due to improper
authentication level negotiation over Remote Procedure Call (RPC)
channels. A man-in-the-middle attacker who is able to able to
intercept the traffic between a client and a server hosting a SAM
database can exploit this flaw to force a downgrade of the
authentication level, which allows the execution of arbitrary Samba
network calls in the context of the intercepted user, such as viewing
or modifying sensitive security data in the Active Directory (AD)
database or disabling critical services.

See also :

http://badlock.org
https://www.samba.org/samba/security/CVE-2016-2118.html

Solution :

Upgrade to Samba version 4.2.11 / 4.3.8 / 4.4.2 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.6
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 90509 ()

Bugtraq ID: 86002

CVE ID: CVE-2016-2118

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now