CVE-2003-0086

Name of the Vulnerable Software and Affected Versions Samba versions prior to 2.2.8 Samba-swat versions 2.0.10 and 2.2.7 Samba-client versions 2.0.10 and 2.2.7 Samba-common versions 2.0.10 and 2.2.7

Description The issue affects the Samba package in Red Hat Linux, allowing for remote exploitation that may lead to a breach of confidentiality, integrity, and availability of protected information. A race condition involving chown in the code for writing reg files in Samba before version 2.2.8 enables local users to overwrite arbitrary files.

Recommendations For Samba versions prior to 2.2.8, update to version 2.2.8 or later. For Samba-swat versions 2.0.10 and 2.2.7, update to a version later than 2.2.7. For Samba-client versions 2.0.10 and 2.2.7, update to a version later than 2.2.7. For Samba-common versions 2.0.10 and 2.2.7, update to a version later than 2.2.7. As a temporary workaround, consider restricting access to the vulnerable Samba packages until a patch is available.