Samba Badlock Vulnerability

Medium Nessus Plugin ID 90509


An SMB server running on the remote host is affected by the Badlock vulnerability.


The version of Samba, a CIFS/SMB server for Linux and Unix, running on the remote host is affected by a flaw, known as Badlock, that exists in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) protocols due to improper authentication level negotiation over Remote Procedure Call (RPC) channels. A man-in-the-middle attacker who is able to able to intercept the traffic between a client and a server hosting a SAM database can exploit this flaw to force a downgrade of the authentication level, which allows the execution of arbitrary Samba network calls in the context of the intercepted user, such as viewing or modifying sensitive security data in the Active Directory (AD) database or disabling critical services.


Upgrade to Samba version 4.2.11 / 4.3.8 / 4.4.2 or later.

See Also

Plugin Details

Severity: Medium

ID: 90509

File Name: samba_badlock.nasl

Version: $Revision: 1.5 $

Type: remote

Family: General

Published: 2016/04/13

Modified: 2016/07/25

Dependencies: 25240

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:samba:samba

Required KB Items: SMB/samba, SMB/name, SMB/transport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/04/12

Vulnerability Publication Date: 2016/03/23

Reference Information

CVE: CVE-2016-2118

BID: 86002

OSVDB: 136339

CERT: 813296