  1. #1
    Ultimate Member rh71's Avatar
    Join Date
    Oct 2001
    Location
    LI | NY
    Posts
    1,250

    what the hell is this security finding ?

     
    WIN2k server...

    [NetBIOS-ssn/139/TCP] Server exits on long password; possible buffer overflow.

    Need to know how to resolve. A search indicated:
    The *netbios-ssn* (NetBIOS Session Service) provides the NetBIOS protocol over a TCP stream. It is documented in RFC 1001 and RFC 1002. The standard port for this service is TCP port 139. Typically, the SMB service is provided via the NetBIOS protocol. This service should not be accessible from the Internet.

    SMB Buffer Overflow on password

    *CVE#:* CVE-1999-0182
    *Summary:* Samba allows a root compromise.
    *Details:* A security hole in the SAMBA server allows unauthorized remote users to obtain root access on the Samba server. Known exploits are architecture specific to Intel platforms. _Note_: These findings indicate a possible buffer overflow condition. Even if the above reference does not indicate the same server as on the scanned system, check the server for core files created at the time of the scan and for indications in the log files that service was interrupted at the time of the scan. If either are found, the server is likely vulnerable to a buffer overflow condition.
    *Fix:* Download new version of samba from:
    ftp://samba.anu.edu.au/pub/samba/

    Samba? I don't think I've ever come across that (don't run it - what is it?)... Can't just remove NETBIOS, can I? Sorry, I'm a newbie when it comes to networking.
    rh71.com

  2. #2
    addicted DVNT1's Avatar
    Join Date
    Oct 2001
    Location
    Ohio
    Posts
    6,103
    Not Samba but Server Message Block (SMB) protocol

    That is a very old security finding (1999). I don't remember much of anything about it but it should be irrelevant with today's OSes and related patches.

  3. #3
    Ultimate Member rh71's Avatar
    Join Date
    Oct 2001
    Location
    LI | NY
    Posts
    1,250
    ok thx! Can anyone confirm this?
    rh71.com

  4. #4
    Not Really a Member
    Join Date
    Oct 2001
    Posts
    27,879
    NetBIOS is very common on a standard Windows network .. if you're just connecting to the internet with no other Windows boxes on your LAN then it may be something to be concerned about.
    If you're connecting to another Windows box then NetBIOS would be expected.

    Samba is an application used on Linux to allow access to Windows shares, so I don't think you need to be too concerned with that.
    Helicopters don't fly; they vibrate so much and make so much noise that the earth rejects them.
