Summary
SWAT (Samba Web Administration Tool) is running on this port.
SWAT allows Samba users to change their passwords, and offers the sysadmin an easy-to-use GUI to configure Samba.
However, it is not recommended to let SWAT be accessed by the world, as it allows an intruder to attempt to brute-force account passwords.
In addition, the traffic between SWAT and web clients is not encrypted, so an eavesdropper can easily capture cleartext passwords.
Solution
Disable SWAT access from the outside network by making your firewall filter this port.
If you do not need SWAT, disable it by commenting out the relevant /etc/inetd.conf line.
Severity
Classification
CVE: CVE-2000-0935
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities