Samba · Samba · CVE-2004-0186
**Name of the Vulnerable Software and Affected Versions**
Samba versions 2.x through 3.x
**Description**
The issue allows local users to gain root privileges by mounting a Samba share that contains a setuid root program. This occurs because the setuid attributes are not cleared when the share is mounted. The problem may lead to a loss of confidentiality, integrity, and/or availability.
**Recommendations**
For Samba versions 2.x through 3.x, consider removing the setuid bit from smbmnt to prevent local users from gaining root privileges. As a temporary workaround, restrict the mounting of Samba shares that contain setuid root programs until a proper fix is applied.