Patches become available for Badlock vulnerability in Samba and Windows

Spread the love

Patches have been made available for vulnerabilities in various versions of Samba, known as “Badlock”. Windows has also been affected by the vulnerability, which allows an attacker, among other things, to perform a man-in-the-middle attack.

The leak was announced three weeks ago on a specially designed site and thus follows in the footsteps of other branded vulnerabilities such as Heartbleed and Drown. There was much speculation about the seriousness of the vulnerability and it was expected that it would be usable remotely via remote code execution. However, this now appears not to be the case, because an attack cannot be carried out from outside the network.

The vulnerability, numbered cve-2016-2118, enables a man-in-the-middle attack against Samba protocols, which can perform various actions on the network via a user’s intercepted traffic. In the event that this user is an administrator, data in the Active Directory database can for example be viewed and modified, such as password hashes. With a standard server, user rights can be adjusted, among other things. Also, an attacker can perform a Denial of Service attack, as long as he is connected to the Samba service.

Badlock is associated with a number of other vulnerabilities and has been assigned a risk rating in the ‘high’ category with a cvss of 7.1. This is not a critical leak. Affected versions of Samba that are not patched are 3.6.x, 4.0.x, and 4.1.x. These are no longer supported. For the newer versions, patches have been released with versions 4.4.2, 4.3.8 and 4.2.11. It is therefore recommended to perform an update. Microsoft has also made patches available.

Samba is an open source implementation of the smb/cifs network protocol. This protocol is present in Windows and makes it possible to share files and printers over the network. Samba was created to facilitate interoperability with other operating systems such as Linux, Unix and BSD. This allows Linux servers, for example, to participate in an Active Directory and also act as domain controllers.

The vulnerability was discovered by Stefan Metzmacher. He is part of the Samba team and works at the German SerNet, which is involved in the development of the software, among other things. The patch was created in collaboration with Microsoft after Metzmacher notified the company.

Badlock’s announcement has been criticized by the security community. According to SerNet, a wide run-up has been chosen in order to generate as much attention as possible for the vulnerability. However, others say that this gave potential attackers time to examine the Samba source code and discover the vulnerability for themselves. SerNet itself would also benefit from all the publicity. In addition, Metzmacher himself would be responsible for a large part of the code in which he discovered the vulnerability.

Now that it turns out that the vulnerability is a lot less serious than expected, it is possible that these suspicions will get more feet in the ground.

You might also like
Exit mobile version