Badlock

{{Short description|Security bug}}

{{infobox bug

| name=Badlock

| image=Badlock logo.svg

| caption=Logo representing Badlock.

| CVE=[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118 CVE-2016-2118]

| website=https://web.archive.org/web/20170608065927/http://badlock.org/

}}

Badlock ({{CVE|2016-2118}}) is a security bug disclosed on April 12, 2016 affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols{{cite web

| title=Microsoft Security Bulletin MS16-047

| url=https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-047

| publisher=Microsoft TechNet

| date=2016-04-12

| access-date=2018-02-21}} supported by Windows and Samba servers.{{cite web

| title=Badlock Bug

| url=http://badlock.org/

| archive-url=https://web.archive.org/web/20170608065927/http://badlock.org/

| archive-date=2017-06-08

| url-status=dead

| access-date=2018-02-21}}

Both SAM and LSAD are layered onto the DCE 1.1 Remote Procedure Call (DCE/RPC) protocol. As implemented in Samba and Windows, the RPC services allowed an attacker to become man in the middle.{{cite web

| title=CVE-2016-2118

| url=https://www.samba.org/samba/security/CVE-2016-2118.html

| access-date=2018-02-21}} Although the vulnerability was discovered during the development of Samba, the namegiving SMB protocol itself is not affected.