September 5th, 2002, 11:05 AM #1
what the hell is this security finding ?
[NetBIOS-ssn/139/TCP] Server exits on long password; possible buffer overflow.
Need to know how to resolve. A search indicated:
The *netbios-ssn* (NetBIOS Session Service) provides the NetBIOS protocol over a TCP stream. It is documented in RFC 1001 and RFC 1002. The standard port for this service is TCP port 139. Typically, the SMB service is provided via the NetBIOS protocol. This service should not be accessible from the Internet.
SMB Buffer Overflow on password
*Summary:* *Samba allows a root compromise.
*Details:* *A security hole in the SAMBA server allows unauthorized remote users to obtain root access on the Samba server. Known exploits are architecture specific to Intel platforms. _Note_: These findings indicate a possible buffer overflow condition. Even if the above reference does not indicate the same server as on the scanned system, check the server for core files created at the time of the scan and for indications in the log files that service was interrupted at the time of the scan. If either are
found, the server is likely vulnerable to a buffer overflow condition.
*Fix:**Download new version of samba from:
Samba? I don't think I've ever come across that (don't run it - what is it?)... Can't just remove NETBIOS, can I? Sorry I'm newbie when it comes to networking.rh71.com
September 5th, 2002, 11:22 AM #2
Not Samba but Server Message Block (SMB) protocol
That is a very old security finding (1999). I don't remember much of anything about it but it should be irrelevant with today's OSes and related patches.
September 5th, 2002, 11:39 AM #3
ok thx! Can anyone confirm this?rh71.com
September 5th, 2002, 11:40 AM #4
- Join Date
- Oct 2001
Netbios is very common on a standard windows network .. if you're just connecting to the internet with no other windows boxes on your LAN then it may be something to be concerned about.
If you're connecting to another windows box than Netbios would be expected.
Samba is an application used on linux to allow access to windows shares so I don't think you need to be too concerned with thatHelicopters don't fly; they vibrate so much and make so much noise that the earth rejects them.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)