Security

Reply
Contributor I

ClearPass and CVE-2016-2118

ClearPass uses Samba internally which is affected by security advisory CVE-2016-2118 (aka "Badlock").

 

According to RedHat:

 

"An Active Directory infrastructure with a Samba server as a domain member is vulnerable to this flaw, as a man-in-the-middle attacker could intercept traffic between the domain member and the domain controller to impersonate the client and get the same privileges as the authenticated user account."

 

We need guidance from Aruba on what steps they are taking to resolve this within the ClearPass product and how long the wait will be.

 

Thanks.

 

 

Aruba

Re: ClearPass and CVE-2016-2118

Hi Bruce,

I have to have engineering check on this one.

 

In future, can you send security vulnerability questions to sirt@arubanetworks.com so that the right folks see these types of questions immediately? Details on this email address and security policies in general are posted here http://www.arubanetworks.com/support-services/security-bulletins/

 

Best regards,

 

Madani

Aruba

Re: ClearPass and CVE-2016-2118

Bruce,

I wanted to drop you a note to let you know we have not forgotten you. Our security team is involved and continues to investigate.

 

Best regards,

 

Madani

Aruba

Re: ClearPass and CVE-2016-2118

Bruce,

We've posted the SAMR and LSA man in the middle attacks ("BADLOCK") advisory. Please let me know if you have any questions.

 

Best regards,

 

Madani

 

 

Contributor I

Re: ClearPass and CVE-2016-2118

Thank you for keeping on top of this. Good to see such a quick turnaround.

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: