[prev in list] [next in list] [prev in thread] [next in thread] 

List:       illumos-discuss
Subject:    [discuss] Badlock -- illumos Native SMB server is not affected
From:       "Gordon Ross" <gordon.w.ross () gmail ! com>
Date:       2016-04-13 14:12:33
Message-ID: CAD0Ztp1PtX9pPL5scCMn63ZHZRrtKxkw8PvypFWEd6mGy4MQOQ () mail ! gmail ! com
[Download RAW message or body]

Some of you may have heard about the vulnerability in SMB that affects
Windows and Samba systems, disclosed on April 12 and named "BadLock"
(www.badlock.org).
The native SMB service in Illumos is not subject to the Badlock vulnerabilities.

The main issues discovered by badlock.org relate to downgrade
opportunities using "man in the middle" attacks where DCERPC traffic
is supported over "plain TCP". The Native SMB server in illumos does
not support DCERPC over "plain TCP" (electing to support  DCERPC only
over "SMB named pipes") and is therefore not affected.

For more detailed information about the CVEs, refer to this wiki page:
http://wiki.illumos.org/display/illumos/Response+to+the+badlock.org+CVEs


-------------------------------------------
illumos-discuss
Archives: https://www.listbox.com/member/archive/182180/=now
RSS Feed: https://www.listbox.com/member/archive/rss/182180/25758063-6f7f4185
Modify Your Subscription: https://www.listbox.com/member/?member_id=25758063&id_secret=25758063-83fb4fd4
Powered by Listbox: http://www.listbox.com
[prev in list] [next in list] [prev in thread] [next in thread]