[Samba] Vulnerabilities reported by Qualys scan

Frank Gruman fgatwork at verizon.net
Thu May 28 03:26:47 GMT 2009

On Wed, 2009-05-27 at 10:41 -0500, Xu, Ying (Houston) wrote:

> Did anyone encounter this kind of audit issue at all?
> Thanks
> Ying 
> -----Original Message-----
> From: samba-bounces+ying.xu=littonloan.com at lists.samba.org
> [mailto:samba-bounces+ying.xu=littonloan.com at lists.samba.org] On Behalf
> Of Xu, Ying (Houston)
> Sent: Friday, May 22, 2009 11:01 AM
> To: samba at lists.samba.org
> Subject: [Samba] Vulnerabilities reported by Qualys scan
> We are running samba services on several solaris10 servers for the users
> that need to read reports/logs on their windows workstation.  THe shares
> are shared read-only and allowed guest account since most of users do
> not have unix accounts.  Our company recently started Qualys scan on all
> servers, and we need to address the vulnerabilities reported.  We are
> getting the following vulnerabilities regarding the samba services:
> Remote User List Disclosure Using NetBIOS (CVE-2000-1200) 
> Null Session/Password NetBIOS Access (CVE-1999-0519)
> Is there anyway to address this besides disable guest account?
> Thanks
> Ying Xu <yxu at littonloan.com>
> Unix Group

I used to run into security scans and mitigation requirements all the
time.  From a variety of scan tools...

A _VERY_ brief Google search (CVE-2000-1200 samba) lead me to
http://www.rapid7.com/vulndb/lookup/cifs-nt-0002 where you can find
instructions on mitigating that issue (there are Windows sections, a
Samba section, and a Novell section - just scroll).  The second issue
was also found with a similar search and results -

I have typically found that these scan tools will give you a general
idea of how to mitigate these issues (perhaps Windows-centric in this
case) but still a hint none the less.  Even Qualys gives you that much.


More information about the samba mailing list