[Samba] Samba 2.2.5 Security Bug?
imed at gmx.ch
imed at gmx.ch
Mon Oct 7 16:55:01 GMT 2002
Hello
Does anyone know why normal users can set a blank samba password with the
smbpasswd kommand by inserting <CR> twice after inserting the old passwd:
ben at amo:% /opt/samba/bin/smbpasswd
Old SMB password:<oldpasswd>
New SMB password:<CR>
Retype new SMB password:<CR>
Password changed for user ben
After that the user can map the samba shares with a blank password even if:
null passwords = No
and
guest ok = No
in the smb.conf
Thanks in advance
Imed
--
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
More information about the samba
mailing list