[Samba] Nessus test issues with open shares

Joseph P Villa jvilla at usgs.gov
Wed May 28 16:58:12 GMT 2008


Hi,

My name is Joseph Villa, I'm new to the message boards and I'm also new to 
Samba. I just got an e-mail back on our Nessus scans. Here are the 2 that 
are relevant:

1.) The remote host has accessible LOGS$ share. 

ScriptLogic creates this share to store the logs, but does not properly 
set the permissions on it. As a result, anyone 
can use it to read the remote logs. 

Solution: Limit access to this share to the backup account and the Domain 
Administrator. 
2.) Backup share can be accessed without authentication. 

The remote host has an accessible ARCSERVE$ share. 

Several versions of ARCserve store the backup agent username and password 
in cleartext in this share. 
An attacker may use this flaw to obtain the password file of the remote 
backup agent and use it to gain privileges on the host. 

Solution is to limit the access to this share to backup account and domain 
administrator. 
Both of these are off of our Sun server running Solaris 10 as the OS. I'm 
thinking both directories are being shared via Samba. Although
there is much I don't know about this system. Has anyone out there run 
into the same issue?

Thanks, 


Joseph P Villa, IT Services
USGS Mounds View, MN
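The check a practitioner would run before answering this: read the smb.conf and work out which shares an unauthenticated session can actually reach. The script below is an added example for this thread, not code from the original post or from the Samba project. It parses an smb.conf with a small hand-written parser (smb.conf is not plain INI: keys are case-insensitive and contain spaces, `public` is a synonym for `guest ok`, `writable`/`writeable` invert `read only`, and only whole lines starting with `#` or `;` are comments), then applies Samba's rule that a share is open to anonymous clients only when the share has `guest ok = yes` and `[global]` turns anonymous logons into the guest account (`map to guest` other than `Never`, or the legacy `security = share`). It also rewrites a share stanza to the form the Nessus solution asks for: a `valid users` list holding the backup account and the domain administrators, with guest access off. The sample smb.conf, its paths, workgroup and account names are constructed for the example and are not the poster's configuration.

```python
"""Flag Samba shares that an anonymous (guest) SMB session can reach,
and emit a hardened stanza restricted to named users."""
from __future__ import annotations

# Constructed sample modelled on the two Nessus findings; the paths and
# account names are assumptions, not the poster's real smb.conf.
SAMPLE_SMB_CONF = """\
[global]
   security = user
   map to guest = Bad User

[LOGS$]
   path = /export/scriptlogic/logs
   Guest OK = yes
   read only = yes

[ARCSERVE$]
   path = /export/arcserve
   public = yes
   writable = yes

[scratch]
   path = /export/scratch
   ; no 'valid users' line: any authenticated account may connect

[backup]
   path = /export/backup
   valid users = backup, @"Domain Admins"
   guest ok = no
"""


def parse_smb_conf(text: str) -> dict[str, dict[str, str]]:
    """smb.conf is not INI: keys are case-insensitive, may contain spaces,
    and only whole lines starting with '#' or ';' are comments."""
    sections: dict[str, dict[str, str]] = {}
    current: dict[str, str] | None = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip(), {})
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current[" ".join(key.lower().split())] = value.strip()
    return sections


def _truthy(value: str | None, default: bool) -> bool:
    return default if value is None else value.lower() in ("yes", "true", "1")


def guest_ok(share: dict[str, str]) -> bool:
    keys = [k for k in ("guest ok", "public") if k in share]  # synonyms
    return _truthy(share[keys[0]], False) if keys else False


def writable(share: dict[str, str]) -> bool:
    """Default is read only = yes; 'writable'/'writeable' invert it."""
    for key in ("writable", "writeable"):
        if key in share:
            return _truthy(share[key], False)
    return not _truthy(share.get("read only"), True)


def anonymous_becomes_guest(global_section: dict[str, str]) -> bool:
    """Anonymous logons reach a share only via the guest account mapping."""
    if global_section.get("security", "user").lower() == "share":
        return True
    return global_section.get("map to guest", "never").lower() != "never"


def audit(conf_text: str) -> list[dict[str, str]]:
    """One finding per exposed share, in config order."""
    sections = parse_smb_conf(conf_text)
    anon = anonymous_becomes_guest(sections.get("global", {}))
    findings = []
    for name, share in sections.items():
        if name.lower() in ("global", "homes", "printers"):
            continue
        if guest_ok(share) and anon:
            level = "HIGH" if writable(share) else "MEDIUM"
            reason = "reachable without authentication"
        elif guest_ok(share):
            level, reason = "LOW", "guest ok = yes; only 'map to guest = Never' keeps anonymous users out"
        elif not share.get("valid users"):
            level, reason = "LOW", "no 'valid users' list; every authenticated account can connect"
        else:
            continue
        findings.append({"share": name, "level": level, "reason": reason})
    return findings


def hardened_stanza(name: str, share: dict[str, str], users: str) -> str:
    """Rewrite a share so only 'users' can connect and it is not browseable."""
    dropped = {"guest ok", "public", "valid users", "browseable", "browsable"}
    lines = [f"[{name}]"] + [f"   {k} = {v}" for k, v in share.items() if k not in dropped]
    lines += ["   guest ok = no", f"   valid users = {users}",
              "   ; a '$' suffix hides a share from Explorer only, not from smbclient -L",
              "   browseable = no"]
    return "\n".join(lines)


if __name__ == "__main__":
    for f in audit(SAMPLE_SMB_CONF):
        print(f"{f['level']:<6} {f['share']:<10} {f['reason']}")
    print(hardened_stanza("ARCSERVE$", parse_smb_conf(SAMPLE_SMB_CONF)["ARCSERVE$"], 'backup, @"Domain Admins"'))
```

Feed it the output of `testparm -s` rather than the raw file, so that included files and defaults are already expanded. Confirm the result from another host with `smbclient -N -L //server` (anonymous share listing) and `smbclient -N //server/LOGS$ -c ls`; if the second command lists files, the share is exactly what Nessus says it is, and the fix is the hardened stanza plus a `smbd` reload.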

