Ricky Nance

**Name of the Vulnerable Software and Affected Versions** Samba versions 4.x before 4.0.4 **Description** The issue exists in Samba when configured as an Active Directory domain controller, where non-default CIFS shares have world-writable permissions. This allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations. **Recommendations** For Samba versions 4.x before 4.0.4, update to version 4.0.4 or later to resolve the issue. As a temporary workaround, consider restricting write access to non-default CIFS shares to minimize the risk of exploitation.