Samba · Samba · CVE-2021-44141
**Name of the Vulnerable Software and Affected Versions**
Samba versions prior to 4.15.5
**Description**
The issue allows a malicious client to use a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. This can be exploited when SMB1 with unix extensions is enabled.
**Recommendations**
For versions prior to 4.15.5, update to version 4.15.5 or later to resolve the issue. As a temporary workaround, consider disabling SMB1 with unix extensions until a patch is available. Restrict access to sensitive areas of the server file system to minimize the risk of exploitation.