Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Badlock bug: samba affected by MitM

Accepted submission by FakeBeldin at 2016-04-13 13:42:06
Security

FakeBeldin [soylentnews.org] writes:

The Badlock bug [badlock.org] is a staple of modern times by having its own website, a catchy name and a logo. It also was announced 22 March - about 3 weeks before any details were released. That's how scary the discoverers thought it'd be (or, that's how they hoped to create a hype). So is it?
Badlock hypes it:

Impact examples of intercepting administrator network traffic:
- Samba AD server - view or modify secrets within an AD database, including user password hashes, or shutdown critical services.
- standard Samba server - modify user permissions on files or directories.

However, El Reg injects some sanity:

More importantly, is the "crucial security bug" Badlock a remote-code-execution hole? No. A privilege-escalation bug? No, not really. ... To pull [an attack] off, the [man-in-the-middle] has to be on the network; ...

Still, if your Active Directory server is Samba-based, sounds like patching time.
More details: Ars Technica [arstechnica.co.uk], El Reg [theregister.co.uk].

So: is this overhyped? What if your customers can login using the Samba AD server?

Original Submission