
A user on the Ask Ubuntu General Room posted a link to Badlock. After some googling around, all I can find is that it is a mysterious security bug, that uses the same website template as Heartbleed.

I manage Linux servers; a mysterious security bug does not sit well with me. What exactly is it, and how can I protect my servers from it?

blade19899

2 Answers


What is Badlock?

Badlock is a bug that affects Windows and Samba.

What can hackers do with this security bug?

Two things:

  • Man-in-the-middle (MITM) attacks:

  • Denial-of-Service (DoS) attacks:

The Badlock CVE is: CVE-2016-2118. There are additional CVEs related to Badlock. Those are:

Which versions of Samba are affected?

  • 3.6.x,
  • 4.0.x,
  • 4.1.x,
  • 4.2.0-4.2.9,
  • 4.3.0-4.3.6,
  • 4.4.0

Fix:

Download the patches for your version of samba, here:

How bad is Badlock?

The severity of Badlock according to the Common Vulnerability Scoring System (CVSS):

CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Base: 7.1 (High); Temporal: 6.4 (Medium)

Notes:

With the release of Samba 4.4.0 on March 22nd, the 4.1 release branch has been marked DISCONTINUED (see Samba Release Planning).


Further Reading:

Official badlock website:

Links:

blade19899
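As an added example (not code from the answer above or from the Samba project), here is a POSIX shell script that classifies a Samba version string against the affected ranges listed in that answer. It looks only at the upstream base version, so a distribution package that backports the fix (such as the Ubuntu updates the other answer points to) will still be reported as "affected" by version number alone; treat that result as a prompt to read the package changelog, not as a final verdict. The sample version strings in the script are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a Samba version against the Badlock-affected ranges
# listed in the answer above. Not from the page's author or the Samba project.

# Print "MAJOR MINOR PATCH" from strings such as "Version 4.3.6-Ubuntu" or
# "Version 3.6.3-2ubuntu2.14"; print nothing if no x.y.z triplet is found.
samba_version_triplet() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p'
}

# Return 0 if the upstream version is in an affected range, 1 if it is outside
# the listed ranges, 2 if the string could not be parsed.
# Ranges (from the answer): 3.6.x, 4.0.x, 4.1.x, 4.2.0-4.2.9, 4.3.0-4.3.6, 4.4.0
badlock_affected() {
    set -- $(samba_version_triplet "$1")
    [ $# -eq 3 ] || return 2
    major=$1; minor=$2; patch=$3
    case "$major.$minor" in
        3.6|4.0|4.1) return 0 ;;
        4.2) [ "$patch" -le 9 ] && return 0 ;;
        4.3) [ "$patch" -le 6 ] && return 0 ;;
        4.4) [ "$patch" -eq 0 ] && return 0 ;;
    esac
    return 1
}

# Print a one-word verdict: affected, not-listed, or unparsable.
badlock_verdict() {
    rc=0
    badlock_affected "$1" || rc=$?
    case $rc in
        0) echo affected ;;
        1) echo not-listed ;;
        *) echo unparsable ;;
    esac
}

# Usage: pass a version string as $1, otherwise query the installed smbd.
# When neither is available, a constructed sample string is used.
if [ -n "$1" ]; then
    v=$1
elif command -v smbd >/dev/null 2>&1; then
    v=$(smbd --version 2>/dev/null)
else
    v="Version 4.3.6-Ubuntu"   # constructed sample, not a real host
fi
echo "$v -> $(badlock_verdict "$v")"
```

Distribution packages keep the upstream base version and carry the fix in the package revision (e.g. the `-2ubuntu2.14` suffix is where Ubuntu's backport lives), which is exactly why this check reports the patched Ubuntu 3.6.3 package as "affected"; confirm with `apt-get changelog samba` or the Launchpad bug before deciding a host still needs work.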

See here for the Ubuntu security update packages:

https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1569497

Took a little while to get published, but a hell of a lot easier than patching 3.6.3 up to 3.6.25 and applying the official patches on top of that.

NB: I tried to build 3.6.25 from source on precise and failed. YMMV.

MSchmitz