Did anyone encounter this kind of audit issue at all? Thanks Ying
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Xu, Ying (Houston) Sent: Friday, May 22, 2009 11:01 AM To: [email protected] Subject: [Samba] Vulnerabilities reported by Qualys scan We are running samba services on several solaris10 servers for the users that need to read reports/logs on their windows workstation. THe shares are shared read-only and allowed guest account since most of users do not have unix accounts. Our company recently started Qualys scan on all servers, and we need to address the vulnerabilities reported. We are getting the following vulnerabilities regarding the samba services: Remote User List Disclosure Using NetBIOS (CVE-2000-1200) Null Session/Password NetBIOS Access (CVE-1999-0519) Is there anyway to address this besides disable guest account? Thanks Ying Xu <[email protected]> Unix Group ------------------------------------------------------------------------ ------------------- DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by replying to this message and then delete it from your system. Use, dissemination or copying of this message by unintended recipients is not authorized and may be unlawful. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ------------------------------------------------------------------------------------------- DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by replying to this message and then delete it from your system. Use, dissemination or copying of this message by unintended recipients is not authorized and may be unlawful. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
