June 27, 2001

Trustix: Samba potential symlink vulnerability

Author: JT Smith

LinuxSecurity.com: "A remote attacker can use a netbios name containing unix path
characters which will then be substituted into the %m macro wherever
it occurs in smb.conf. This can be used to cause Samba to create a log
file on top of an important system file, which in turn can be used to
compromise security on the server."


  • Linux
Click Here!