[Samba] samba security question - samba vulnerable to any WindowsExploits?

Paul Bradshaw bradshaw at uoguelph.ca
Wed Jun 23 15:14:05 GMT 2004

Hi Ryan,

I am not authenticating to any Windows  server, I just have the samba 
server itself set up with 3 users who an login.


Ryan Frantz wrote:

>Are you using a Windows PDC or ADS to authenticate your Samba shares?
>If so, the problem would not be with Samba, but with the authenticating
>-----Original Message-----
>From: samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org
>[mailto:samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org] On
>Behalf Of Paul Bradshaw
>Sent: Wednesday, June 23, 2004 11:02 AM
>To: samba at lists.samba.org
>Subject: [Samba] samba security question - samba vulnerable to any
>Hi there,
>I'm unclear on this warning I got from NeWT when I scanned my Linux 
>workstation.  Could someone clarify for me if I should be worried?
>microsoft-ds (445/tcp)
>It was possible to log into the remote host using the following
>login/password combinations :
>It was possible to log into the remote host using a NULL session.
>The concept of a NULL session is to provide a null username and
>a null password, which grants the user the 'guest' access
>To prevent null sessions, see MS KB Article Q143474 (NT 4.0) and
>Q246261 (Windows 2000).
>Note that this won't completely disable null sessions, but will
>prevent them from connecting to IPC$
>Please see http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html
>The remote host defaults to guest when a user logs in using an invalid
>login. For instance, we could log in using the account 'nessus/nessus'
>All the smb tests will be done as ''/'whatever' in domain ALUMNI_HOUSE
>CVE : CAN-1999-0504, CAN-1999-0506, CVE-2000-0222, CAN-1999-0505, 
>BID : 494, 990
>Plugin ID : 10394 <http://cgi.nessus.org/plugins/newt.php?id=10394>
>The following shares can be accessed using a NULL session :
>- IPC$ - (readable?, writeable?)
>*Solution : To restrict their access under WindowsNT, open the explorer,
>do a right click on each,
>go to the 'sharing' tab, and click on 'permissions'
>Risk factor : High
>CVE : CAN-1999-0519, CAN-1999-0520
>BID : 8026
>Plugin ID : 10396 <http://cgi.nessus.org/plugins/newt.php?id=10396>

More information about the samba mailing list