On Tue, Jan 20, 2004 at 11:33:52AM -0600, Jonathan C. Detert wrote:
> - readable shares are only a vulnerability if they contain files which
> themselves contain secretive info (such as password hashes);
Passwords hashes, company information, and so on.
> - writable shares are only a vulnerabilitiy :
>
> a) because they allow the possibility of denying service to the
> remote box (by filling a disk partition)
> b) because they may contain files that the o.s. depends on, and
> an attacker may thereby be able to trick/confuse the o.s. by
> replacing such a file with one designed to give the attacker
> greater privileges.
> c) because attackers may be able to spread virii by installing
> them on writable shares, and hoping that the end-user opens
> them.
And more importantly :
d) because attacker make you liable for the stuff they store
on your computer. If an attacker upload warez or illegal
pornographic material on your computer, then *you* get
busted.
> Do you think those are valid reasons to consider the 10396 vulnerability
> worthy of notice?
Yes. The only case where an open share is not significant is when they
are open by design and only contain public information. And if your
infostructure is somehow well administrated, you should not have many
computers with such a share - everything should be centralized to a file
server.
-- Renaud
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
