Samba · Samba · CVE-2013-1863
**Name of the Vulnerable Software and Affected Versions**
Samba versions 4.x before 4.0.4
**Description**
When Samba is configured as an Active Directory domain controller, non-default CIFS shares have world-writable permissions. This allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
**Recommendations**
For Samba versions 4.x before 4.0.4, update to version 4.0.4 or later to resolve the issue. As a temporary workaround, consider restricting write access to non-default CIFS shares to minimize the risk of exploitation.
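To find candidates for the temporary workaround, the following added example (not code from the advisory or the Samba project) parses an `smb.conf`, checks the version against the affected range, and lists non-default shares that still allow writes on an AD DC. The function names, the constructed sample configuration, and the choice of `netlogon` and `sysvol` as the default shares are assumptions of this example.

```python
import re
DEFAULT_SHARES = {"netlogon", "sysvol"}  # assumption: shares AD DC provisioning creates
WRITE_SYNONYMS = {"writeable", "writable", "writeok"}  # inverted synonyms of "read only"
TRUE = {"yes", "true", "on", "1"}
# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """[global]
server role = active directory domain controller
[sysvol]
read only = No
[projects]
read only = no
[archive]
writeable = yes
read only = yes
[public]
path = /srv/public
"""

def parse_smb_conf(text):
    """Return {section: {param: value}}, lower-cased, spaces removed from names."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            key, value = "".join(key.lower().split()), value.strip().lower()
            if key in WRITE_SYNONYMS:  # fold into "readonly"; the last line wins
                key, value = "readonly", "no" if value in TRUE else "yes"
            current[key] = value
    return sections

def is_affected(version):
    """True for 4.x releases before 4.0.4, the range the advisory gives."""
    parts = tuple(int(n) for n in re.findall(r"\d+", version)[:3])
    return parts[:1] == (4,) and parts < (4, 0, 4)

def audit(conf_text, version):
    """List writable non-default shares on an affected AD DC (empty if not affected)."""
    conf = parse_smb_conf(conf_text)
    glob = conf.get("global", {})
    if not is_affected(version) or glob.get("serverrole") != "active directory domain controller":
        return []
    return sorted(name for name, params in conf.items()
                  if name != "global" and name not in DEFAULT_SHARES
                  and params.get("readonly", glob.get("readonly", "yes")) not in TRUE)
```

On the sample, `audit(SAMPLE_CONF, "4.0.3")` reports only `projects`; setting `read only = yes` on each reported share applies the workaround until the host runs 4.0.4 or later.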