FYI, this doesn't sound good.... :-(

rgt

Whitehead Network/System Administrator

----- Forwarded Message -----
From: "Rob Taylor" <[email protected]>
To: "Unix Support" <[email protected]>
Cc: "Doozers" <[email protected]>
Sent: Friday, March 25, 2016 12:43:39 PM
Subject: Fwd: [SECURITY] "Badlock" SMB vulnerability to be patched April 12

----- Forwarded Message -----
From: "Alex Keller" <[email protected]>
To: [email protected]
Sent: Friday, March 25, 2016 4:05:45 AM
Subject: [SECURITY] "Badlock" SMB vulnerability to be patched April 12

Badlock was discovered by Stefan Metzmacher of the Samba core team, who advises
"Please get yourself ready to patch all systems on this day. We are pretty sure
that there will be exploits soon after we publish all relevant information".
Stefan's colleague Johannes Loxen tweets "#badlock means admin accounts for
everybody on the same LAN". The vulnerability apparently affects the SMB
implementation in both Samba and Windows. Researcher David Litchfield
speculates "Due to the name 'Badlock,' I'm guessing controllable memory write
after file handle invalidated on broken lock over CIFS".

Scant details:
http://www.theregister.co.uk/2016/03/22/badlock_bug
https://isc.sans.edu/diary/Getting+Ready+for+Badlock/20877

Heartbleed style disclosure site and logo:
http://badlock.org

Kaminsky weighs in on the hype:
http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/

Courtesy of SANS handler on duty Johannes Ullrich: Stefan Metzmacher includes a
curious comment in Samba's lock.c:
/* this is quite bizarre - the spec says we must lie about the length! */
https://github.com/ccrisan/samba/blob/master/source4/libcli/smb2/lock.c

...hat tip to Tomáš F. for the heads-up.


Alex Keller
Stanford | Engineering
Information Technology
[email protected]
(650)736-6421
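The "lie about the length" in that lock.c comment is the SMB2 LOCK request's StructureSize field, which MS-SMB2 fixes at 48 (the 24-byte header plus one 24-byte lock element) no matter how many lock elements the request actually carries. The following Python is an added example, not Samba code and not from the original post: a builder that emits the spec-mandated value and a strict parser that sizes the body from LockCount instead, which is the check a receiver needs when a header field cannot be trusted to describe the real length. Field layout and the lock flag values are from MS-SMB2; the file id, offsets and lengths are constructed sample values.

```python
import struct

# SMB2 LOCK request body (MS-SMB2 2.2.26), little-endian:
#   header: StructureSize(2) LockCount(2) LockSequence(4) FileId(16)  = 24 bytes
#   then LockCount x SMB2_LOCK_ELEMENT: Offset(8) Length(8) Flags(4) Reserved(4) = 24 bytes each
LOCK_HDR = struct.Struct("<HHI16s")
LOCK_ELEM = struct.Struct("<QQII")
STRUCTURE_SIZE = 48          # header + ONE element, sent regardless of LockCount

# Lock flag values from MS-SMB2 2.2.26.1
SMB2_LOCKFLAG_SHARED_LOCK = 0x1
SMB2_LOCKFLAG_EXCLUSIVE_LOCK = 0x2
SMB2_LOCKFLAG_UNLOCK = 0x4


def build_lock_request(file_id: bytes, locks, lock_sequence: int = 0) -> bytes:
    """Serialise a LOCK request; StructureSize is always 48 per the spec."""
    if not locks:
        raise ValueError("LockCount must be >= 1")
    body = LOCK_HDR.pack(STRUCTURE_SIZE, len(locks), lock_sequence, file_id)
    for offset, length, flags in locks:
        body += LOCK_ELEM.pack(offset, length, flags, 0)
    return body


def parse_lock_request(body: bytes) -> dict:
    """Strict parser: the real length comes from LockCount, never from StructureSize."""
    if len(body) < LOCK_HDR.size:
        raise ValueError("truncated LOCK header")
    structure_size, lock_count, lock_sequence, file_id = LOCK_HDR.unpack_from(body, 0)
    if structure_size != STRUCTURE_SIZE:
        raise ValueError(f"StructureSize {structure_size} != {STRUCTURE_SIZE}")
    if lock_count < 1:
        raise ValueError("LockCount must be >= 1")
    expected = LOCK_HDR.size + lock_count * LOCK_ELEM.size
    if len(body) < expected:
        # Reject before touching any element: the header promised more than arrived.
        raise ValueError(f"LockCount {lock_count} needs {expected} bytes, got {len(body)}")
    locks = [LOCK_ELEM.unpack_from(body, LOCK_HDR.size + i * LOCK_ELEM.size)[:3]
             for i in range(lock_count)]
    return {"lock_sequence": lock_sequence, "file_id": file_id, "locks": locks}
```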

_______________________________________________
bblisa mailing list
[email protected]
http://www.bblisa.org/mailman/listinfo/bblisa