Rapid7 Vulnerability & Exploit Database

MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527)

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527)

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

04/12/2016

Created

07/25/2018

Added

04/12/2016

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols when they accept authentication levels that do not protect them adequately. The vulnerability is caused by the way the SAM and LSAD remote protocols establish the Remote Procedure Call (RPC) channel. An attacker who successfully exploited this vulnerability could gain access to the SAM database.

Solution(s)

WINDOWS-HOTFIX-MS16-037-1f7b2d51-98a1-4240-a636-8096fa0308c3
WINDOWS-HOTFIX-MS16-037-34515df7-3d11-4fa9-98ad-77c6f0dafc2a
WINDOWS-HOTFIX-MS16-037-45da2895-fcf0-4175-a533-e0fda3dbc081
WINDOWS-HOTFIX-MS16-037-4d0814f6-9f22-43aa-b23c-f6243b1e1f4a
WINDOWS-HOTFIX-MS16-047-0314d3a8-7af1-4bf1-9391-e206f043b569
WINDOWS-HOTFIX-MS16-047-1bc1a020-c20b-4be5-baf6-02a138d0ef89
WINDOWS-HOTFIX-MS16-047-228a988b-27f7-4147-8eee-c5acee832325
WINDOWS-HOTFIX-MS16-047-360187d3-bf52-4700-9b82-a2d9df9c0f42
WINDOWS-HOTFIX-MS16-047-4c7a58ee-15b1-4bc6-982a-cb972bef1da6
WINDOWS-HOTFIX-MS16-047-51eb5a93-6d61-4cb6-bdf1-63a59916c204
WINDOWS-HOTFIX-MS16-047-56123899-8dce-4183-8219-8769fc2a5340
WINDOWS-HOTFIX-MS16-047-5888e927-7d6b-4b7a-babc-53144a38e36d
WINDOWS-HOTFIX-MS16-047-6a11a76c-4296-4ca8-86d4-19eedac18c1a
WINDOWS-HOTFIX-MS16-047-7136cdd3-8b8e-43bf-93cf-21232fb510a1
WINDOWS-HOTFIX-MS16-047-8b5a811f-5d6b-406c-82f2-a0a479085761
WINDOWS-HOTFIX-MS16-047-b522194e-5d77-406c-81e4-f3e2b88e932a
WINDOWS-HOTFIX-MS16-047-be9afb69-a500-4ed4-bcb9-731fa83987a1
WINDOWS-HOTFIX-MS16-047-ca6fcfdf-5669-485d-9692-ca55fe9b1162
WINDOWS-HOTFIX-MS16-047-d6a1ac67-3062-49f1-9f7b-cb14e7be8a25
WINDOWS-HOTFIX-MS16-047-eb62958b-6a7b-45e6-8a04-093bc717153a
WINDOWS-HOTFIX-MS16-047-f4815d9c-d174-42b6-9f98-5e05d8d820ef
WINDOWS-HOTFIX-MS16-047-f4b6637f-815f-49ed-b7ab-812f188d5b03

References

https://attackerkb.com/topics/cve-2016-0128
813296
CVE - 2016-0128
MS16-047
3148527

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527)

MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.