Executive Summary

Informations
NameCVE-2016-0128First vendor Publication2016-04-12
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Cvss Base Score5.8Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0128

CWE : Common Weakness Enumeration

%idName
100 %CWE-254Security Features

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2
Os1
Os1
Os1
Os2
Os2
Os1

Snort® IPS/IDS

DateDescription
2016-05-12DCERPC Bind auth level packet privacy downgrade attempt
RuleID : 38462 - Revision : 2 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2016-04-13Name : The remote Windows host is affected by an elevation of privilege vulnerability.
File : ms16-047.nasl - Type : ACT_GATHER_INFO
2016-04-13Name : The remote Samba server is affected by multiple vulnerabilities.
File : samba_4_3_7.nasl - Type : ACT_GATHER_INFO
2016-04-13Name : An SMB server running on the remote host is affected by the Badlock vulnerabi...
File : samba_badlock.nasl - Type : ACT_GATHER_INFO
2016-04-12Name : The remote Windows host is affected by an elevation of privilege vulnerability.
File : smb_nt_ms16-047.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CERT-VN https://www.kb.cert.org/vuls/id/813296
CONFIRM https://bto.bluecoat.com/security-advisory/sa122
MISC http://badlock.org/
https://www.samba.org/samba/security/CVE-2016-2118.html
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
SECTRACK http://www.securitytracker.com/id/1035534

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2018-10-13 05:18:59
  • Multiple Updates
2016-12-03 09:24:32
  • Multiple Updates
2016-07-07 21:25:39
  • Multiple Updates
2016-04-14 13:26:54
  • Multiple Updates
2016-04-13 21:26:13
  • Multiple Updates
2016-04-13 13:20:42
  • Multiple Updates
2016-04-13 05:25:24
  • First insertion