A user on the Ask Ubuntu General Room posted a link to Badlock. After some googling around, all I can find is that it is a mysterious security bug that uses the same website template as Heartbleed.
I manage Linux servers, and a mysterious security bug does not sit well with me. What exactly is it, and how can I protect my servers from it?
Best Answer
Badlock is a bug that affects Windows and Samba.
What can hackers do with this security bug?
Two things:
Man-in-the-middle (MITM) attacks:
Denial-of-Service (DoS) attacks:
The Badlock CVE is: CVE-2016-2118. There are additional CVEs related to Badlock. Those are:
Which versions of Samba are affected?
Fix:
Download the patches for your version of Samba here:
How bad is Badlock?
Notes:
Further Reading:
Bad Luck Over The Upcoming Badlock Vulnerability?
WIRED, Hype Around the Mysterious 'Badlock' Bug Raises Criticism
Official Badlock website:
Links: