Trustix: Samba potential symlink vulnerability

14

Author: JT Smith

LinuxSecurity.com: “A remote attacker can use a netbios name containing unix path
characters which will then be substituted into the %m macro wherever
it occurs in smb.conf. This can be used to cause Samba to create a log
file on top of an important system file, which in turn can be used to
compromise security on the server.”

Category:

  • Linux