Microsoft Windows SMB Guest Account Local User Access

high Nessus Plugin ID 26919

Synopsis

It is possible to log into the remote host.

Description

The remote host is running one of the Microsoft Windows operating systems or the SAMBA daemon. It was possible to log into it as a guest user using a random, non-existent account name: the host maps unknown users to the Guest account instead of rejecting the logon.

Solution

In the group policy change the setting for 'Network access: Sharing and security model for local accounts' from 'Guest only - local users authenticate as Guest' to 'Classic - local users authenticate as themselves'. Disable the Guest account if applicable.

If the SAMBA daemon is running, double-check the SAMBA configuration around guest user access and disable guest access if appropriate.
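The following PowerShell is an added example and not part of the Nessus plugin or the plugin page. It audits and applies the Windows part of the Solution on the local host, then re-tests the condition the plugin reports by attempting an SMB session with a made-up account name. Assumptions: it runs elevated on Windows 10 / Server 2016 or later, where the Microsoft.PowerShell.LocalAccounts module (Get-LocalUser / Disable-LocalUser) is available; the 'Sharing and security model for local accounts' policy is backed by the ForceGuest DWORD under HKLM\SYSTEM\CurrentControlSet\Control\Lsa (1 = 'Guest only', 0 = 'Classic'); and the $Target parameter is a hypothetical host name chosen by the operator.

```powershell
# Added example, not from the Nessus plugin page. Run elevated.
# Assumption: ForceGuest under the Lsa key backs the
# 'Network access: Sharing and security model for local accounts' policy
# (1 = 'Guest only - local users authenticate as Guest', 0 = 'Classic').
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

function Get-SmbGuestPosture {
    # Report both settings the Solution section names as one object.
    $forceGuest = (Get-ItemProperty -Path $lsaKey -Name ForceGuest -ErrorAction SilentlyContinue).ForceGuest
    $guest      = Get-LocalUser -Name 'Guest' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ForceGuest          = $forceGuest                      # $null if the value has never been set
        SharingModel        = if ($forceGuest -eq 1) { 'Guest only' } else { 'Classic' }
        GuestAccountEnabled = if ($guest) { $guest.Enabled } else { $false }
    }
}

function Set-ClassicSharingModel {
    # 'Classic - local users authenticate as themselves' == ForceGuest 0.
    Set-ItemProperty -Path $lsaKey -Name ForceGuest -Value 0 -Type DWord
}

function Disable-GuestAccount {
    # Only acts if the built-in Guest account exists on this host.
    if (Get-LocalUser -Name 'Guest' -ErrorAction SilentlyContinue) {
        Disable-LocalUser -Name 'Guest'
    }
}

function Test-SmbRandomAccountLogin {
    # Re-test what the plugin checks: can a random, non-existent account
    # open an SMB session (IPC$) against the target? $Target is hypothetical.
    param([Parameter(Mandatory)][string]$Target)
    $user = 'nosuchuser' + (Get-Random -Maximum 99999)
    cmd /c "net use \\$Target\IPC$ /user:$user randompw 2>&1" | Out-Null
    if ($LASTEXITCODE -eq 0) {
        cmd /c "net use \\$Target\IPC$ /delete /y 2>&1" | Out-Null
        return $true      # session opened: unknown users are still mapped to Guest
    }
    return $false         # logon refused: finding remediated
}

'Before:'; Get-SmbGuestPosture | Format-List
Set-ClassicSharingModel
Disable-GuestAccount
'After:';  Get-SmbGuestPosture | Format-List
# From a second machine, Test-SmbRandomAccountLogin -Target <host> should now return $false.
```

Two caveats. First, on a domain-joined host a setting written to the registry is overwritten at the next Group Policy refresh, so make the change in the GPO the page refers to rather than locally; the local write is only useful on workgroup machines or for confirming the mapping. Second, the policy governs network logons that use local accounts and does not change how domain accounts are authenticated, so disabling Guest is still worthwhile on its own. For the SAMBA case the corresponding smb.conf directives are `map to guest` (set it to `Never` so unknown users are rejected rather than mapped) and the per-share `guest ok`, which should be `no` unless a share is intentionally anonymous.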

Plugin Details

Severity: High

ID: 26919

File Name: smb_guest_account.nasl

Version: 1.19

Type: remote

Agent: windows

Family: Windows

Published: 10/4/2007

Updated: 9/21/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: AV:N is justified since the plugin tries to log in via network services. NIST specifies that the vulnerability pertains to a domain user. Given that the plugin only tests for a guest account, which likely has limited permissions, the C/I/A impact is partial instead of complete.

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-1999-0505

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/guest_enabled

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/1/1999

Exploitable With

Metasploit (Microsoft Windows Authenticated Powershell Command Execution)

Reference Information

CVE: CVE-1999-0505