Badlock bug: Samba affected by MitM

Accepted submission by FakeBeldin at 2016-04-13 13:42:06
Security

The Badlock bug [badlock.org] is a staple of modern times by having its own website, a catchy name and a logo. It also was announced 22 March - about 3 weeks before any details were released. That's how scary the discoverers thought it'd be (or, that's how they hoped to create a hype). So is it?
Badlock hypes it:

Impact examples of intercepting administrator network traffic:
- Samba AD server - view or modify secrets within an AD database, including user password hashes, or shutdown critical services.
- standard Samba server - modify user permissions on files or directories.

However, El Reg injects some sanity:

More importantly, is the "crucial security bug" Badlock a remote-code-execution hole? No. A privilege-escalation bug? No, not really. ... To pull [an attack] off, the [man-in-the-middle] has to be on the network; ...

Still, if your Active Directory server is Samba-based, sounds like patching time.
More details: Ars Technica [arstechnica.co.uk], El Reg [theregister.co.uk].

So: is this overhyped? What if your customers can log in using the Samba AD server?

