- Overview
- Features
- Architecture & Open API
- Try NeXpose
- Buy NeXpose
- System Requirements
- Vulnerabilities Tested
- NeXpose Information
Search Hints:
Try searching for a product or vendor.
Only vulnerabilities that match all search terms will be returned.
Enclose search terms in double quotes for an exact search.
For CVE searches, only enter the CVE-YYYY-XXXX code.
Try searching for a product or vendor.
Only vulnerabilities that match all search terms will be returned.
Enclose search terms in double quotes for an exact search.
For CVE searches, only enter the CVE-YYYY-XXXX code.
NeXpose Vulnerability Database
< Previous Next >CIFS Share Writeable By Everyone
Severity |
CVSS |
Published |
Added |
Modified |
|---|---|---|---|---|
| Severe (7) | 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) | N/A | Dec 27, 2007 | Dec 27, 2007 |
Description:
A share was found which allows write access by anyone. The impact of this vulnerability could include:
- Total system compromise (if the share point allows write access to critical system files)
- Untraceable modification of important data
- Denial of service by filling up the disk
References:
- CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0520
- XF: http://xforce.iss.net/xforce/xfdb/19
Solution:
Adjust the share permissions to be more secure
Adjust the share permissions to restrict access to only those members of the organization who need the data. It is considered bad practice to grant the "Everyone", "Guest", or "Authenticated Users" groups read or write access to a share.
Information on these pages is summary information extracted from the NeXpose Vulnerabilty Assessment system. Full details are provided within the NeXpose product for licensed users.