Author Topic: vulnerability found in Buffalo TeraStation  (Read 2582 times)

chrislai

  • Calf
  • *
  • Posts: 5
vulnerability found in Buffalo TeraStation
« on: July 19, 2011, 10:29:54 PM »

I am using Buffalo TeraStation -- TS-X8.0TL/R5 model

 

there is 4 vulnerability found.
1.Remote User List Disclosure Using NetBIOS
2.Null Session/Password NetBIOS Access

How to fix the vulnerability?
Thanks.


chrislai

  • Calf
  • *
  • Posts: 5
Re: vulnerability found in Buffalo TeraStation
« Reply #1 on: July 21, 2011, 04:15:06 AM »

Anyone help?

 

one more information it is scan by the Qualysguard.

Level4 vulnerability found.

 

1.Remote User List Disclosure Using NetBIOS
2.Null Session/Password NetBIOS Access


chrislai

  • Calf
  • *
  • Posts: 5
Re: vulnerability found in Buffalo TeraStation
« Reply #2 on: July 24, 2011, 09:26:49 PM »

Please Help...


mrabdull

  • Calf
  • *
  • Posts: 1
Re: vulnerability found in Buffalo TeraStation
« Reply #3 on: July 23, 2019, 12:32:42 AM »
Hi Chrislai. Do you found the solution in the end? My NAS just being detected by Qualys just last 2 weeks and I keep trying to solve the vulnerabilities issue since.

1000001101000

  • Debian Wizard
  • Big Bull
  • *****
  • Posts: 1128
  • There's no problem so bad you cannot make it worse
Re: vulnerability found in Buffalo TeraStation
« Reply #4 on: July 23, 2019, 08:28:57 AM »
To be of any real help you'd need to specify the device you're using and what the scans are saying.

Generally speaking, with these types of security scans you have a few options:
1. make sure you have the latest firmware, it could be detecting something that has been fixed already.
2. Turn off un-needed services. If it's detecting an FTP vulnerability and you don't need FTP, turn it off.
3. Adjust configuration. If the scan is complaining about a publicly accessible share or a weak password you should be able to correct those issues directly.
4. If it's a false-positive of some kind you could consider omitting it from future scans.
5. If the device is no longer supported you could consider moving to a newer device.