[Samba] Vulnerabilities reported by Qualys scan

Xu, Ying (Houston) Ying.Xu at littonloan.com
Fri May 22 16:01:29 GMT 2009


We are running samba services on several solaris10 servers for the users
that need to read reports/logs on their windows workstation.  THe shares
are shared read-only and allowed guest account since most of users do
not have unix accounts.  Our company recently started Qualys scan on all
servers, and we need to address the vulnerabilities reported.  We are
getting the following vulnerabilities regarding the samba services:
 
Remote User List Disclosure Using NetBIOS (CVE-2000-1200)
Null Session/Password NetBIOS Access (CVE-1999-0519)
 
Is there anyway to address this besides disable guest account?
 
 
Thanks
 
Ying Xu <yxu at littonloan.com>
Unix Group
-------------------------------------------------------------------------------------------

DISCLAIMER: This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the sender
by replying to this message and then delete it from your system. Use,
dissemination or copying of this message by unintended recipients is not
authorized and may be unlawful. Please note that any views or opinions
presented in this email are solely those of the author and do not necessarily
represent those of the company. Finally, the recipient should check this email
and any attachments for the presence of viruses. The company accepts no
liability for any damage caused by any virus transmitted by this email.


More information about the samba mailing list