[OmniOS-discuss] Badlock -- illumos Native SMB server is not affected
Gordon Ross
gordon.w.ross at gmail.com
Wed Apr 13 14:12:33 UTC 2016
Some of you may have heard about the vulnerability in SMB that affects
Windows and Samba systems, disclosed on April 12 and named "BadLock"
(www.badlock.org).
The native SMB service in Illumos is not subject to the Badlock vulnerabilities.
The main issues discovered by badlock.org relate to downgrade
opportunities using "man in the middle" attacks where DCERPC traffic
is supported over "plain TCP". The Native SMB server in illumos does
not support DCERPC over "plain TCP" (electing to support DCERPC only
over "SMB named pipes") and is therefore not affected.
For more detailed information about the CVEs, refer to this wiki page:
http://wiki.illumos.org/display/illumos/Response+to+the+badlock.org+CVEs
More information about the OmniOS-discuss
mailing list