[Samba] Vulnerabilities reported by Qualys scan
Xu, Ying (Houston)
Ying.Xu at littonloan.com
Wed May 27 15:41:04 GMT 2009
Did anyone encounter this kind of audit issue at all?
Thanks
Ying
-----Original Message-----
From: samba-bounces+ying.xu=littonloan.com at lists.samba.org
[mailto:samba-bounces+ying.xu=littonloan.com at lists.samba.org] On Behalf
Of Xu, Ying (Houston)
Sent: Friday, May 22, 2009 11:01 AM
To: samba at lists.samba.org
Subject: [Samba] Vulnerabilities reported by Qualys scan
We are running samba services on several solaris10 servers for the users
that need to read reports/logs on their windows workstation. THe shares
are shared read-only and allowed guest account since most of users do
not have unix accounts. Our company recently started Qualys scan on all
servers, and we need to address the vulnerabilities reported. We are
getting the following vulnerabilities regarding the samba services:
Remote User List Disclosure Using NetBIOS (CVE-2000-1200)
Null Session/Password NetBIOS Access (CVE-1999-0519)
Is there anyway to address this besides disable guest account?
Thanks
Ying Xu <yxu at littonloan.com>
Unix Group
------------------------------------------------------------------------
-------------------
DISCLAIMER: This email and any files transmitted with it are
confidential and intended solely for the use of the individual or entity
to whom they are addressed. If you have received this email in error
please notify the sender by replying to this message and then delete it
from your system. Use, dissemination or copying of this message by
unintended recipients is not authorized and may be unlawful. Please note
that any views or opinions presented in this email are solely those of
the author and do not necessarily represent those of the company.
Finally, the recipient should check this email and any attachments for
the presence of viruses. The company accepts no liability for any damage
caused by any virus transmitted by this email.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
-------------------------------------------------------------------------------------------
DISCLAIMER: This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the sender
by replying to this message and then delete it from your system. Use,
dissemination or copying of this message by unintended recipients is not
authorized and may be unlawful. Please note that any views or opinions
presented in this email are solely those of the author and do not necessarily
represent those of the company. Finally, the recipient should check this email
and any attachments for the presence of viruses. The company accepts no
liability for any damage caused by any virus transmitted by this email.
More information about the samba
mailing list