Oval Definition:	oval:org.cisecurity:def:1220
Revision Date: 2016-11-10 Version: 12 Title: HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access Description: The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK." Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-2118 Platform(s): HP-UX 11 Product(s): Definition Synopsis HP-UX B.11.31 AND filesets test CIFS-Development.CIFS-PRG version is less than A.03.02.07 OR CIFS-Server.CIFS-ADMIN version is less than A.03.02.07 OR CIFS-Server.CIFS-DOC version is less than A.03.02.07 OR CIFS-Server.CIFS-LIB version is less than A.03.02.07 OR CIFS-Server.CIFS-RUN version is less than A.03.02.07 OR CIFS-Server.CIFS-UTIL version is less than A.03.02.07
BACK