ClearOS Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


CVE 2016-2118

'The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka “BADLOCK.”'

ClearCenter response

ClearCenter has not received details about this bug at this time.

Short response

Long response

Resolution

This bug affects local Samba processes. To temporarily shut down those processes while implementing the fix, run the following:

service smb stop
service nmb stop
service winbind stop
chkconfig smb off
chkconfig nmb off
chkconfig winbind off
content/en_us/announcements_cve_cve-2016-2118.txt · Last modified: 2017/12/20 09:19 by dloper

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Aannouncements_cve_cve-2016-2118&1558381238