Problem To fix vulnerability in Alfresco -SMB Sevice

cancel
Showing results for 
Search instead for 
Did you mean: 
securityteam
Active Member

Problem To fix vulnerability in Alfresco -SMB Sevice

Hi,

In our society we are using Alfresco, and some of the port that alfresco use is port 445 (smb service), the vulnerability here is : CVE-1999-0519 (cifs-null-session-permitted) , to remediate and fix the vulnerability we have to Restrict anonymous access, but to do that we have to add two lines in smb.conf :

guest account = nobody

restrict anonymous = 1

In alfresco where to find SMB configuration file to fix this vulnerability, The OS used is Debian.

Best Regards


					
				
			
			
				
			
			
				
			
			
			
			
			
			
		
2 Replies
securityteam
Active Member

Re: Problem To fix vulnerability in Alfresco -SMB Sevice

Hi,

Can someone knows how to fix this please.

Best regards

cesarista
Customer

Re: Problem To fix vulnerability in Alfresco -SMB Sevice

Hi:

Alfresco CIFS is not a SMB-like implementation, I mean you do not have smb.conf

By the way, I think Alfresco CIFS is going to be discontinued in a near future (Alfresco 6.x)

Anyway maybe you feel safer with the following properties in alfresco-global.properties

alfresco.authentication.allowGuestLogin=false

passthru.authentication.guestAccess=false

Regards.

--C.