PT-1998-1192 · Samba Team+1 · Samba

Published: 1998-11-19 · Updated: 2017-10-10 · CVE-1999-1288

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Samba version 1.9.18

Description

The issue arises from a prototype application, wsmbconf, being inadvertently included in Samba. This application is installed with incorrect permissions, including the setgid bit. As a result, local users can read and write files, potentially exploiting bugs in the program to gain privileges.

Recommendations

For Samba version 1.9.18, consider removing the setgid bit from the wsmbconf application to prevent local users from exploiting incorrect permissions. Additionally, restrict access to the wsmbconf application until a proper fix is available.
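
One way to carry out the recommendation above, as an added example (not from the advisory or from Samba): POSIX shell helpers that locate a setgid wsmbconf, clear its setuid/setgid bits and restrict it to its owner. The function names are hypothetical, and the directory to search is an assumption because the advisory gives no install path.

```shell
#!/bin/sh
# Added example: audit and harden a stray setgid helper such as wsmbconf.
# Usage (the directory is a placeholder; the advisory names no install path):
#   for f in $(find_setgid_named /path/to/samba wsmbconf); do harden_binary "$f"; done

# has_setgid FILE: exit status 0 if the setgid bit is set on FILE.
has_setgid() {
    [ -g "$1" ]
}

# find_setgid_named DIR NAME: print regular files called NAME under DIR
# that carry the setgid bit (mode 2000).
find_setgid_named() {
    find "$1" -type f -name "$2" -perm -2000 -print 2>/dev/null
}

# harden_binary FILE: clear setuid/setgid and remove all group/other access,
# so only the owner can read or run the program.
# Returns 2 without touching anything if FILE is not a regular file
# (symlinks are refused so the chmod cannot be redirected elsewhere).
harden_binary() {
    f=$1
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "skip: $f is not a regular file" >&2
        return 2
    fi
    if [ -g "$f" ] || [ -u "$f" ]; then
        echo "clearing setuid/setgid on $f"
    fi
    chmod ug-s,go-rwx "$f"
}
```

Run it as the file's owner or as root; removing the prototype program entirely has the same effect if it is not needed.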

Related Identifiers

CVE-1999-1288

Affected Products

Samba