Hi,
In our society we are using Alfresco, and some of the port that alfresco use is port 445 (smb service), the vulnerability here is : CVE-1999-0519 (cifs-null-session-permitted) , to remediate and fix the vulnerability we have to Restrict anonymous access, but to do that we have to add two lines in smb.conf :
guest account = nobody
restrict anonymous = 1
In alfresco where to find SMB configuration file to fix this vulnerability, The OS used is Debian.
Best Regards
Hi,
Can someone knows how to fix this please.
Best regards
Hi:
Alfresco CIFS is not a SMB-like implementation, I mean you do not have smb.conf
By the way, I think Alfresco CIFS is going to be discontinued in a near future (Alfresco 6.x)
Anyway maybe you feel safer with the following properties in alfresco-global.properties
alfresco.authentication.allowGuestLogin=false
passthru.authentication.guestAccess=false
Regards.
--C.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.