CVE-2016-2118

Name of the Vulnerable Software and Affected Versions Samba versions 3.x through 4.1.x Samba versions 4.2.x through 4.2.10 Samba versions 4.3.x through 4.3.7 Samba versions 4.4.x through 4.4.1

Description The issue is related to the MS-SAMR and MS-LSAD protocol implementations in Samba, which do not handle DCERPC connections correctly. This allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream. The vulnerability can be exploited to gain access to confidential data, disrupt data integrity, and cause a denial of service. The issue is also known as "BADLOCK".

Recommendations For Samba versions 3.x, update to version 4.2.11 or later. For Samba versions 4.2.x, update to version 4.2.11 or later. For Samba versions 4.3.x, update to version 4.3.8 or later. For Samba versions 4.4.x, update to version 4.4.2 or later. As a temporary workaround, consider restricting access to the DCERPC connections to minimize the risk of exploitation.