Badlock

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Hannob at 09:47, 28 September 2016 (change logo to original instead of duplicate). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Logo representing Badlock.

Badlock is a security bug disclosed on April 12, 2016, affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols[1] supported by Windows and Samba servers.[2]

Both SAM and LSAD are layered onto the DCE 1.1 Remote Procedure Call (DCE/RPC) protocol. As implemented in Samba and Windows, the RPC services allowed an attacker to become a man in the middle.[3] Although the vulnerability was discovered during the development of Samba, the SMB protocol that gives Samba its name is not itself affected.


References

  1. ^ "Microsoft Security Bulletin MS16-047". Retrieved 13 April 2016.
  2. ^ "Badlock Bug". Badlock Bug. Retrieved 12 April 2016.
  3. ^ "CVE-2016-2118". Retrieved 13 April 2016.