[Samba] Nessus test issues with open shares
Jeremy Allison
jra at samba.org
Wed May 28 17:39:33 GMT 2008
On Wed, May 28, 2008 at 12:58:12PM -0400, Joseph P Villa wrote:
> Hi,
>
> My name is Joseph Villa, I'm new to the message boards and I'm also new to
> Samba. I just got an e-mail back on our Nessus scans. Here are the 2 that
> are relevant.
>
> 1.) The remote host has accessible LOGS$ share.
>
> ScriptLogic creates this share to store the logs, but does not properly
> set the permissions on it. As a result, anyone
> can use it to read the remote logs.
>
> Solution: Limit access to this share to the backup account and the Domain
> Administrator.
>
> 2.) Backup share can be accessed without authentication.
>
> The remote host has an accessible ARCSERVE$ share.
>
> Several versions of ARCserve store the backup agent username and password
> in cleartext in this share.
> An attacker may use this flaw to obtain the password file of the remote
> backup agent and use it to gain privileges on the host.
>
> Solution is to limit the access to this share to backup account and domain
> administrator.
>
> Both of these are off of our Sun server running Solaris 10 as the OS. I'm
> thinking both directories are being shared via Samba. Although
> there is much I don't know about this system. Has anyone out there run
> into the same issue?
Post your smb.conf so we can see what shares you have defined.
Jeremy.