[Samba] Nessus test issues with open shares
Joseph P Villa
jvilla at usgs.gov
Wed May 28 16:58:12 GMT 2008
Hi,
My name is Joseph Villa, I'm new to the message boards and I'm also new to
Samba. I just got an e-mail back on our Nessus scans. Here are the 2 that
are relevant.
1.) The remote host has an accessible LOGS$ share.
ScriptLogic creates this share to store the logs, but does not properly
set the permissions on it. As a result, anyone can use it to read the
remote logs.
Solution: Limit access to this share to the backup account and the Domain
Administrator.
2.) Backup share can be accessed without authentication.
The remote host has an accessible ARCSERVE$ share.
Several versions of ARCserve store the backup agent username and password
in cleartext in this share.
An attacker may use this flaw to obtain the password file of the remote
backup agent and use it to gain privileges on the host.
Solution: Limit access to this share to the backup account and the Domain
Administrator.
Both of these are off of our Sun server running Solaris 10 as the OS. I'm
thinking both directories are being shared via Samba. Although
there is much I don't know about this system. Has anyone out there run
into the same issue?
Thanks,
Joseph P Villa, IT Services
USGS Mounds View, MN
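A way to check the Samba side of these two findings, added here as an example and not part of the original post or of Samba itself: the script below audits an smb.conf for shares that Samba will hand out without credentials (guest ok = yes, or its synonym public = yes), which is the Samba-side misconfiguration behind a "share can be accessed without authentication" result. The smb.conf it reads is a constructed sample; the share names echo the Nessus findings, but the paths, the workgroup and every setting in it are assumptions, not the poster's real configuration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an smb.conf for shares
# that are reachable without authentication, the Samba-side cause of findings
# like "share can be accessed without authentication".

# Constructed sample smb.conf written to a temp file so the audit runs
# offline. Share names echo the Nessus findings; paths, workgroup and
# settings are assumptions, not the poster's real configuration.
SMBCONF=$(mktemp)
trap 'rm -f "$SMBCONF"' EXIT
cat > "$SMBCONF" <<'EOF'
[global]
   workgroup = USGS
   security = user
   map to guest = Bad User

; anyone can connect: guest access enabled
[LOGS$]
   path = /export/scriptlogic/logs
   guest ok = yes
   read only = yes

; "public" is a synonym for "guest ok"
[ARCSERVE$]
   path = /export/arcserve
   public = yes
   writable = yes

; needs a valid account, but any account will do
[tmp]
   path = /export/tmp

; hardened form of the findings' "solution": guest off, named principals only
[backup]
   path = /export/backup
   guest ok = no
   valid users = backup, @domadmins
EOF

# audit_shares FILE
# Prints "<share> <verdict>" per share (share names without spaces assumed):
#   GUEST      guest ok / public = yes: no credentials needed at all
#   ANY-USER   guest off but no "valid users": any authenticated user
#   RESTRICTED guest off and "valid users" set
audit_shares() {
  awk '
    function flush() {
      if (name == "" || name == "global") return
      if (guest == "yes")           print name " GUEST"
      else if (validusers == "")    print name " ANY-USER"
      else                          print name " RESTRICTED"
    }
    /^[ \t]*[;#]/ { next }                        # comment lines
    /^[ \t]*\[.*\][ \t]*$/ {                       # [section] header
      flush()
      name = $0; sub(/^[ \t]*\[/, "", name); sub(/\][ \t]*$/, "", name)
      guest = "no"; validusers = ""
      next
    }
    /=/ {                                          # key = value
      key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key); key = tolower(key)
      val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val); val = tolower(val)
      if (key == "guestok" || key == "public") guest = val
      else if (key == "validusers") validusers = val
    }
    END { flush() }
  ' "$1"
}

# guest_shares FILE: only the shares reachable with no credentials at all.
guest_shares() {
  audit_shares "$1" | awk '$2 == "GUEST" { print $1 }'
}

audit_shares "$SMBCONF"
```

On the real box, feed it the effective configuration rather than the file as written (`testparm -s > /tmp/smb.effective` expands includes and defaults), and confirm from another machine with `smbclient -N -L //host` followed by `smbclient -N '//host/LOGS$' -c ls`: a listing without a password is the scanner's finding reproduced by hand. If testparm shows no such shares, it is not this Samba instance that serves them.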