Some of you may have heard about the vulnerability in SMB that affects Windows and Samba systems, disclosed on April 12 and named "BadLock" (www.badlock.org). The native SMB service in Illumos is not subject to the Badlock vulnerabilities.
The main issues discovered by badlock.org relate to downgrade opportunities using "man in the middle" attacks where DCERPC traffic is supported over "plain TCP". The Native SMB server in illumos does not support DCERPC over "plain TCP" (electing to support DCERPC only over "SMB named pipes") and is therefore not affected. For more detailed information about the CVEs, refer to this wiki page: http://wiki.illumos.org/display/illumos/Response+to+the+badlock.org+CVEs _______________________________________________ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss