CVE-2016-2118

Published: Apr 12, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: NVD

Description

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Affected (11)

Products: Samba: Samba · Canonical: Ubuntu Linux · Debian: Debian Linux

1 product

1 product

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Samba Samba	From 3.6.0 to 4.2.10
Samba Samba	From 4.3.0 to 4.3.7
Samba Samba	From 4.4.0 to 4.4.1

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 15.10
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 16.04

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Debian Debian Linux	Version 8.0

Related CWEs

CWE-254

References (90)

http://badlock.org/

Source: secalert@redhat.com

Technical DescriptionThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0611.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0612.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0613.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0614.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0618.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0619.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0620.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0621.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0623.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0624.html

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-0625.html

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2016/dsa-3548

Source: secalert@redhat.com

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/86002

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1035533

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.ubuntu.com/usn/USN-2950-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2950-2

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2950-3

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2950-4

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2950-5

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/security/vulnerabilities/badlock

Source: secalert@redhat.com

Third Party Advisory

https://bto.bluecoat.com/security-advisory/sa122

Source: secalert@redhat.com

Third Party Advisory

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399

Source: secalert@redhat.com

Third Party Advisory

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182

Source: secalert@redhat.com

Third Party Advisory

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

Source: secalert@redhat.com

Third Party Advisory

https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products

Source: secalert@redhat.com

Third Party Advisory

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196

Source: secalert@redhat.com

Third Party Advisory

https://security.gentoo.org/glsa/201612-47

Source: secalert@redhat.com

Third Party Advisory

https://www.kb.cert.org/vuls/id/813296

Source: secalert@redhat.com

Third Party AdvisoryUS Government Resource

https://www.samba.org/samba/history/samba-4.2.10.html

Source: secalert@redhat.com

Third Party Advisory

https://www.samba.org/samba/latest_news.html#4.4.2

Source: secalert@redhat.com

Vendor Advisory

https://www.samba.org/samba/security/CVE-2016-2118.html

Source: secalert@redhat.com

Vendor Advisory

http://badlock.org/