Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Required

Privileges Required

None

Attack Vector

Network

0

CVE-2016-2118

Disclosure Date: April 12, 2016 •

CVE-2016-2118 CVSS v3 Base Score: 7.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka “BADLOCK.”

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.5 High

Impact Score:

5.9

Exploitability Score:

1.6

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

High

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

Products

References

Canonical

CVE-2016-2118 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118)

BID-86002 (http://www.securityfocus.com/bid/86002)

Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html

http://rhn.redhat.com/errata/RHSA-2016-0612.html

USN-2950-1 (http://www.ubuntu.com/usn/USN-2950-1)

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html

http://rhn.redhat.com/errata/RHSA-2016-0613.html

http://rhn.redhat.com/errata/RHSA-2016-0621.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

USN-2950-5 (http://www.ubuntu.com/usn/USN-2950-5)

https://www.samba.org/samba/history/samba-4.2.10.html

FEDORA-2016-be53260726 (http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html)

http://rhn.redhat.com/errata/RHSA-2016-0624.html

http://rhn.redhat.com/errata/RHSA-2016-0618.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html

https://www.samba.org/samba/latest_news.html#4.4.2

SECTRACK-1035533 (http://www.securitytracker.com/id/1035533)

FEDORA-2016-48b3761baa (http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html)

VU#813296 (https://www.kb.cert.org/vuls/id/813296)

http://rhn.redhat.com/errata/RHSA-2016-0614.html

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html

http://rhn.redhat.com/errata/RHSA-2016-0620.html

http://rhn.redhat.com/errata/RHSA-2016-0611.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

https://bto.bluecoat.com/security-advisory/sa122

USN-2950-3 (http://www.ubuntu.com/usn/USN-2950-3)

FEDORA-2016-383fce04e2 (http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html)

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

http://rhn.redhat.com/errata/RHSA-2016-0619.html

GLSA-201612-47 (https://security.gentoo.org/glsa/201612-47)

DSA-3548 (http://www.debian.org/security/2016/dsa-3548)

http://rhn.redhat.com/errata/RHSA-2016-0623.html

USN-2950-2 (http://www.ubuntu.com/usn/USN-2950-2)

https://access.redhat.com/security/vulnerabilities/badlock

http://rhn.redhat.com/errata/RHSA-2016-0625.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196

USN-2950-4 (http://www.ubuntu.com/usn/USN-2950-4)

https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products

Miscellaneous

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012

http://badlock.org

https://www.samba.org/samba/security/CVE-2016-2118.html

Rapid7

Technical Analysis