Web lists-archives.com

Re: [Samba] Require help on removing SAMBA





> Date: Tuesday, April 11, 2017 11:19:59 +0000
> From: "M, Suganthi via samba" <samba@xxxxxxxxxxxxxxx>
> 
> sun1333 $ svcs -a | grep samba                     
> disabled       Apr_08   svc:/network/samba:default
> 
> I see SAMBA is already disabled with the above information but when
> vulnerability scan is done on our server we are reported with below
> vulnerabilities from SAMBA 3.0.24
> 
> Samba receive_smb_raw() Remote Code Execution Vulnerability
> Samba MS-RPC Request Parsing Heap Buffer Overflows
> Samba Remote Command Injection Vulnerability  
> 
> we don’t want to apply patch as we are not using it . I am also
> searching google for more help to remove it . Thanks for your
> inputs. 

A "netstat", including the "-p" flag (assuming solaris supports
that), will show the "programs"/binaries behind open ports. That
should help you identify relevant pieces that you would need to shut
down and remove. Assuming that the word "samba" will appear on these
(or in other places) is being a little hopeful. Your man page for
samba (assuming it was installed) should give some hints however.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba