CVE-2000-0935

Name of the Vulnerable Software and Affected Versions Samba version 2.0.7

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file in the Samba Web Administration Tool (SWAT).

Recommendations For Samba version 2.0.7, consider restricting access to the SWAT tool until a fix is available, and avoid using the cgi.log file in a manner that could be exploited by a symlink attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.