CVE-2016-2118Channel Accessible by Non-Endpoint in Samba

CWE-254CWE-300Channel Accessible by Non-Endpoint20 documents9 sources
Severity
7.5HIGHNVD
OSV5.9
EPSS
78.5%
top 0.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
SambaDebian SambaCanonical Ubuntu Linux+1 more
Timeline
PublishedApr 12
Latest updateMay 13

Description

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages4 packages

NVDsamba/samba3.6.04.2.10+2
debiandebian/samba< samba 2:4.3.7+dfsg-1 (bookworm)
Debiansamba/samba< 2:4.3.7+dfsg-1+3
Ubuntusamba/samba< 2:4.3.9+dfsg-0ubuntu0.14.04.1+4

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.10, 16.04

🔴Vulnerability Details

6
GHSA
GHSA-9r74-96x3-hvq9: The MS-SAMR and MS-LSAD protocol implementations in Samba 32022-05-13
OSV
samba regression2016-05-25
OSV
samba regressions2016-05-04
OSV
libsoup2.4 update2016-05-04
OSV
samba vulnerabilities2016-04-18

📋Vendor Advisories

7
Ubuntu
Samba regression2016-05-25
Ubuntu
Samba regressions2016-05-18
Ubuntu
libsoup update2016-05-04
Ubuntu
Samba regressions2016-05-04
Ubuntu
Samba vulnerabilities2016-04-18

🕵️Threat Intelligence

4
Trendmicro
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It2022-02-02
Trendmicro
La vulnerabilidad de Samba: qué es CVE-2021-44142 y cómo solucionarlo2022-02-02
Tenable
Badlock or Sadlock?2016-04-14
Tenable
Badlock or Sadlock?2016-04-14

💬Community

2
Bugzilla
CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 samba: various flaws [fedora-all]2016-04-12
Bugzilla
CVE-2016-2118 samba: SAMR and LSA man in the middle attacks2016-03-15