[Samba] Possible security hole in 2.2.0a?

andy thomas andy at ic.ac.uk
Sat Dec 28 09:43:01 GMT 2002

Unauthorised connection attempts to a server running samba 2.2.0a are a
daily occurrence but incorrect usernames/share names prevent accesses to
shares and this is not normally anything to worry about. But looking
through the smbd logs on this server I found one instance where someone
apparently knew the 6 usernames listed in the smbpasswd file and tried to
use those in turn to gain access. (This was unsuccessful as passwords
are used to protect access to shares).

As the smbpasswd file is readable only by root, this could point to a
security lapse on the server but is there any way anyone could determine
the Windows user accounts on a remote server? Or could this be a security
hole in samba?


# include <std-disclaimer.h>

More information about the samba mailing list