Visit Jeremy's Blog.
Go Back > Forums > Other *NIX Forums > *BSD
User Name
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.


  Search this Thread
Old 01-20-2013, 01:12 AM   #1
Registered: Nov 2008
Location: Washington state, USA
Distribution: BSD, GNU/Linux (Slackware, etc.,) openSolaris
Posts: 215

Rep: Reputation: 23
OpenBSD Samba vulnerability

I set up shared folders with Samba & SWAT on OpenBSD 5.2 and accessed them from Slackware and Windows. I decided to restrict the shared folders to one user who has a non-null password. I restarted Samba and was still able to access the folders without login.
Old 01-21-2013, 03:21 AM   #2
Registered: Mar 2007
Distribution: OpenBSD-CURRENT
Posts: 485
Blog Entries: 150

Rep: Reputation: 74
Did you restart smbd and nmbd? Does the user have a valid *samba* password, or just system password? Can you verify the share config after using swat to make changes (i.e. the actual configuration file, not what swat is telling you)?

Last edited by rocket357; 01-21-2013 at 03:22 AM.
Old 01-21-2013, 03:36 AM   #3
Registered: Nov 2008
Location: Washington state, USA
Distribution: BSD, GNU/Linux (Slackware, etc.,) openSolaris
Posts: 215

Original Poster
Rep: Reputation: 23
When I said I restarted samba, I meant '/etc/rc.d/samba,' which I as far as I know, restarts smbd; I do not know what nmbd is. I no longer have the smb.conf and do not recall if I set up a samba password; I thought I just set up a 'guest' folder and it started working, but I might have set up passwords. If I did, they would have been the same as for the users, or blank, but my point is if I removed guest sharing, Windows would be logging in as 'nobody' and should not be able to access these folders anymore that are not owned by 'nobody'... unless I would have had to restart nmbd.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Vulnerability in Samba provides access to files LXer Syndicated Linux News 0 02-10-2010 05:41 AM
OpenBSD 4.0 Samba/Winbind HiOctane21 *BSD 0 03-19-2007 04:59 AM
WARN: Samba Vulnerability Capt_Caveman Linux - Security 0 12-17-2004 11:59 PM
OpenBSD Vulnerability leeach *BSD 4 04-21-2004 03:01 AM
OpenBSD IP6 Vulnerability leeach *BSD 10 03-18-2004 07:33 PM

All times are GMT -5. The time now is 06:18 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration