CVE Vulnerabilities

CVE-2016-2118

Published: Apr 12, 2016 | Modified: Aug 29, 2022
CVSS 3.x: 7.5 HIGH | Source: NVD | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x: 6.8 MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2: 6.8 IMPORTANT | AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu: MEDIUM

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka BADLOCK.

Affected Software

Name | Vendor | Start Version | End Version
Samba | Samba | 3.6.0 (including) | 4.2.10 (excluding)
Samba | Samba | 4.3.0 (including) | 4.3.7 (excluding)
Samba | Samba | 4.4.0 (including) | 4.4.1 (excluding)
Red Hat Enterprise Linux 4 Extended Lifecycle Support | RedHat | samba-0:3.0.33-3.37.el4 | *
Red Hat Enterprise Linux 5 | RedHat | samba3x-0:3.6.23-12.el5_11 | *
Red Hat Enterprise Linux 5 | RedHat | samba-0:3.0.33-3.41.el5_11 | *
Red Hat Enterprise Linux 5.6 Long Life | RedHat | samba-0:3.0.33-3.30.el5_6 | *
Red Hat Enterprise Linux 5.6 Long Life | RedHat | samba3x-0:3.6.23-12.el5_6 | *
Red Hat Enterprise Linux 5.9 Long Life | RedHat | samba-0:3.0.33-3.40.el5_9 | *
Red Hat Enterprise Linux 5.9 Long Life | RedHat | samba3x-0:3.6.23-12.el5_9 | *
Red Hat Enterprise Linux 6 | RedHat | samba-0:3.6.23-30.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | ipa-0:3.0.0-47.el6_7.2 | *
Red Hat Enterprise Linux 6 | RedHat | libldb-0:1.1.25-2.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | libtalloc-0:2.1.5-1.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | libtdb-0:1.3.8-1.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | libtevent-0:0.9.26-2.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | openchange-0:1.0-7.el6_7 | *
Red Hat Enterprise Linux 6 | RedHat | samba4-0:4.2.10-6.el6_7 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | samba-0:3.6.23-30.el6_2 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | evolution-mapi-0:0.28.3-8.el6_2 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | libldb-0:1.1.25-2.el6_2 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | openchange-0:1.0-1.el6_2 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | samba4-0:4.2.10-6.el6_2 | *
Red Hat Enterprise Linux 6.2 Advanced Update Support | RedHat | sssd-0:1.5.1-66.el6_2.5 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | samba-0:3.6.23-30.el6_4 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | ipa-0:3.0.0-26.el6_4.5 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | libldb-0:1.1.25-2.el6_4 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | openchange-0:1.0-5.el6_4 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | samba4-0:4.2.10-6.el6_4 | *
Red Hat Enterprise Linux 6.4 Advanced Update Support | RedHat | sssd-0:1.9.2-82.12.el6_4 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | samba-0:3.6.23-30.el6_5 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | ipa-0:3.0.0-37.el6_5.1 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | libldb-0:1.1.25-2.el6_5 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | openchange-0:1.0-7.el6_5 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | samba4-0:4.2.10-6.el6_5 | *
Red Hat Enterprise Linux 6.5 Advanced Update Support | RedHat | sssd-0:1.9.2-129.el6_5.7 | *
Red Hat Enterprise Linux 6.6 Extended Update Support | RedHat | samba-0:3.6.23-30.el6_6 | *
Red Hat Enterprise Linux 6.6 Extended Update Support | RedHat | ipa-0:3.0.0-42.el6_6.1 | *
Red Hat Enterprise Linux 6.6 Extended Update Support | RedHat | libldb-0:1.1.25-2.el6_6 | *
Red Hat Enterprise Linux 6.6 Extended Update Support | RedHat | openchange-0:1.0-7.el6_6 | *
Red Hat Enterprise Linux 6.6 Extended Update Support | RedHat | samba4-0:4.2.10-6.el6_6 | *
Red Hat Enterprise Linux 7 | RedHat | ipa-0:4.2.0-15.el7_2.6.1 | *
Red Hat Enterprise Linux 7 | RedHat | libldb-0:1.1.25-1.el7_2 | *
Red Hat Enterprise Linux 7 | RedHat | libtalloc-0:2.1.5-1.el7_2 | *
Red Hat Enterprise Linux 7 | RedHat | libtdb-0:1.3.8-1.el7_2 | *
Red Hat Enterprise Linux 7 | RedHat | libtevent-0:0.9.26-1.el7_2 | *
Red Hat Enterprise Linux 7 | RedHat | openchange-0:2.0-10.el7_2 | *
Red Hat Enterprise Linux 7 | RedHat | samba-0:4.2.10-6.el7_2 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | ipa-0:4.1.0-18.ael7b_1.6 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | libldb-0:1.1.25-1.ael7b_1 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | libtalloc-0:2.1.5-1.ael7b_1 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | libtdb-0:1.3.8-1.ael7b_1 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | libtevent-0:0.9.26-1.el7_1 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | openchange-0:2.0-4.el7_1.1 | *
Red Hat Enterprise Linux 7.1 Extended Update Support | RedHat | samba-0:4.2.10-5.ael7b_1 | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | libldb-0:1.1.24-1.el6rhs | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | libtalloc-0:2.1.5-1.el6rhs | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | libtdb-0:1.3.8-1.el6rhs | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | libtevent-0:0.9.26-1.el6rhs | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | samba-0:4.2.11-2.el6rhs | *
Red Hat Gluster Storage 3.1 for RHEL 7 | RedHat | libldb-0:1.1.24-1.el7rhgs | *
Red Hat Gluster Storage 3.1 for RHEL 7 | RedHat | libtalloc-0:2.1.5-1.el7rhgs | *
Red Hat Gluster Storage 3.1 for RHEL 7 | RedHat | libtdb-0:1.3.8-1.el7rhgs | *
Red Hat Gluster Storage 3.1 for RHEL 7 | RedHat | libtevent-0:0.9.26-1.el7rhgs | *
Red Hat Gluster Storage 3.1 for RHEL 7 | RedHat | samba-0:4.2.11-2.el7rhgs | *
Samba | Ubuntu | devel | *
Samba | Ubuntu | precise | *
Samba | Ubuntu | trusty | *
Samba | Ubuntu | upstream | *
Samba | Ubuntu | wily | *
Samba | Ubuntu | xenial | *
Samba | Ubuntu | yakkety | *
Samba | Ubuntu | zesty | *
Samba4 | Ubuntu | precise | *

References