On Wed, 2009-05-27 at 10:41 -0500, Xu, Ying (Houston) wrote:
> Did anyone encounter this kind of audit issue at all?
>
> Thanks
>
> Ying
>
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf
> Of Xu, Ying (Houston)
> Sent: Friday, May 22, 2009 11:01 AM
> To: [email protected]
> Subject: [Samba] Vulnerabilities reported by Qualys scan
>
> We are running samba services on several solaris10 servers for the users
> that need to read reports/logs on their windows workstation. The shares
> are shared read-only and allowed guest account since most of users do
> not have unix accounts. Our company recently started Qualys scan on all
> servers, and we need to address the vulnerabilities reported. We are
> getting the following vulnerabilities regarding the samba services:
>
> Remote User List Disclosure Using NetBIOS (CVE-2000-1200)
> Null Session/Password NetBIOS Access (CVE-1999-0519)
>
> Is there any way to address this besides disable guest account?
>
>
> Thanks
>
> Ying Xu <[email protected]>
> Unix Group

I used to run into security scans and mitigation requirements all the time. From a variety of scan tools...

A _VERY_ brief Google search (CVE-2000-1200 samba) led me to http://www.rapid7.com/vulndb/lookup/cifs-nt-0002 where you can find instructions on mitigating that issue (there are Windows sections, a Samba section, and a Novell section - just scroll).

The second issue was also found with a similar search and results - http://www.rapid7.com/vulndb/lookup/cifs-nt-0001.

I have typically found that these scan tools will give you a general idea of how to mitigate these issues (perhaps Windows-centric in this case) but still a hint nonetheless. Even Qualys gives you that much.

Regards,
Frank
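
Added example, not part of the original thread or of the linked advisories: a small audit of smb.conf text for the settings that bear on the two reported findings. `restrict anonymous`, `guest ok` (synonym `public`) and `map to guest` are real smb.conf parameters; the sample configuration, share name and path are constructed.

```python
# Added example: audit smb.conf text for anonymous-access settings (sample is constructed).
SAMPLE_CONF = """\
[global]
    security = user
    map to guest = Bad User
    restrict anonymous = 0

[reports]
    path = /export/reports
    read only = yes
    guest ok = yes
"""

TRUE_VALUES = {"yes", "true", "1"}

def parse_smb_conf(text):
    """Return {section: {param: value}}; names lower-cased, inner whitespace collapsed."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            conf[section][" ".join(key.lower().split())] = value.strip()
    return conf

def audit(text):
    """Return findings about settings that permit anonymous or guest access."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    findings = []
    level = glob.get("restrict anonymous", "0")  # smb.conf default is 0
    if level != "2":
        findings.append(f"global: restrict anonymous = {level}, below 2")
    guest_shares = [s for s, p in conf.items() if s != "global"
                    and p.get("guest ok", p.get("public", "no")).lower() in TRUE_VALUES]
    for share in guest_shares:
        # smb.conf(5): guest ok = yes on any share removes the benefit of level 2
        findings.append(f"{share}: guest ok = yes undoes restrict anonymous = 2")
    if glob.get("map to guest", "never").lower() != "never" and guest_shares:
        findings.append("global: map to guest is enabled and guest shares exist")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

The audit reports guest shares separately because, per smb.conf(5), `guest ok = yes` on any share removes the security advantage of `restrict anonymous = 2`.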
