000016232 - Vulnerbility reported against RSA SecurID Appliance 3.0 SP4 'Samba Symlink Directory Traversal Vulnerability (CVE-2010-0926)'

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016232
Applies ToRSA SecurID Appliance 3.0 SP4
IssueQuestion on whether the Appliance is vulnerable to "Samba Symlink Directory Traversal Vulnerability (CVE-2010-0926)"
Vulnerability scan reported:
Samba Symlink Directory Traversal Vulnerability (CVE-2010-0926)
(widelinks)
in /usr/sbin/smbd
/etc/samba/smb.conf
ResolutionBy default the smb service of samba is not configured to run on the Appliance. RSA does not document enabling or configuring samba. You can check the status of the smb service by running the command: chkconfig --list | grep smb. This will show the service run levels are off.
Legacy Article IDa58146

Attachments

    Outcomes