Matt Weatherford

**Name of the Vulnerable Software and Affected Versions** Likewise Open versions 5.4 through 5.4 before build 8046 Likewise Open versions 6.0 through 6.0 before build 8234 CIFS versions 5.4 through 5.4 before build 8046 CIFS versions 6.0 through 6.0 before build 8234 **Description** The issue allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired, due to the use of "SetPassword logic" when running as part of a root service. **Recommendations** For Likewise Open versions 5.4 through 5.4 before build 8046, update to build 8046 or later. For Likewise Open versions 6.0 through 6.0 before build 8234, update to build 8234 or later. For CIFS versions 5.4 through 5.4 before build 8046, update to build 8046 or later. For CIFS versions 6.0 through 6.0 before build 8234, update to build 8234 or later.