Are your systems affected by BADLOCK Security flaw?

The recent discovery of a protocol flaw on Samba server (see CVE-2016-2118) raises once again the question of managing security and compliance of systems. How can we identify easily which systems are affected? And, how can we validate that these environments are correctly patched?

We recently covered this topic in this blog post and show how Red Hat CloudForms and ManageIQ can be utilized to manage patching and compliance. We have defined a CloudForms policy and profile in our lab to assist in identifying affected Samba package versions for RHEL5, RHEL6 and RHEL7. An implementation of the BADLOCK policy is available for download on ManageIQ Depot and can be imported into your Red Hat CloudForms or ManageIQ environment (see detailed instructions here).

The policy validates Samba versions installed on your Red Hat environments. It flags systems as non-compliant if a BADLOCK vulnerable package version is installed, running or not.

Hopefully, this policy will help you identify and validate that all your environments are secure against the BADLOCK security flaw.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s