[Samba] SMB Use Domain SID to Enumerate Users
Dmitry Tikhomirov
chani at me.com
Thu Nov 18 03:06:25 MST 2010
Hi Guyz,
I have check my samba box via Nessus and find medium problem:
SMB Use Domain SID to Enumerate Users
Synopsis:
It is possible to enumerate domain users.
Description:
Using the host SID, it is possible to enumerate the domain users on the remote Windows system.
Risk factor:
None
Solution:
n/a
Plugin output:
- Administrator (id 500, Administrator account) - Guest (id 501, Guest account) - krbtgt (id 502, Kerberos account) - HelpServicesGroup (id 1000) - TelnetClients (id 1002) - BDC01$ (id 1003) - GROUP$ (id 1104) - DnsAdmins (id 1105) - DnsUpdateProxy (id 1106) - Exchange Domain Servers (id 1109) - Exchange Enterprise Servers (id 1110) - spec-everyone (id 1111) - DHCP Users (id 1112) - DHCP Administrators (id 1113) - -0248$ (id 1114) - 0626$ (id 1116) - 0252$ (id 1118) - WKSs-0233$ (id 1120) - RDP$ (id 1125) - sdr (id 1128) - sdf (id 1132)
My samba (3.5.6) joined to domain and works fine ... But how do i can fix this ?
More information about the samba
mailing list