FreeBSD advisory: samba


Author: JT Smith

“The samba ports, versions prior to samba-2.0.8 and samba-devel-2.2.0,
contain /tmp races that may allow local users to cause arbitrary
files and devices to be overwritten. Due to easily predictable
printer queue cache file names, local users may create symbolic links
to any file or device causing it to be corrupted when a remote user
accesses a printer. In addition, the file will be left with world-
writable permission allowing any user to enter their own data.” Full details at


  • Linux