PT-2013-1324 · Samba+4
Hemanth Thummala · Published 2013-11-12 · Updated 2024-06-15 · CVE-2013-4475
CVSS v2.0: 4.0 (Medium)
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Samba versions 3.2.x through 3.6.x before 3.6.20
Samba versions 4.0.x before 4.0.11
Samba versions 4.1.x before 4.1.1
Description
The issue is caused by missing privilege and access control checks in Samba's vfs_streams_depot and vfs_streams_xattr VFS modules. This can allow a remote attacker to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS), potentially gaining access to confidential data and compromising its integrity.
Recommendations
For Samba versions 3.2.x through 3.6.x before 3.6.20, update to version 3.6.20 or later.
For Samba versions 4.0.x before 4.0.11, update to version 4.0.11 or later.
For Samba versions 4.1.x before 4.1.1, update to version 4.1.1 or later.
As a temporary workaround, consider disabling the vfs_streams_depot and vfs_streams_xattr modules until a patch is available.
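To check a host against the version ranges and the workaround above, the following added example (not part of the advisory or of Samba) compares an upstream version string with the affected ranges and lists the smb.conf sections whose effective `vfs objects` setting loads a streams module. The sample configuration is constructed, and the parser assumes no `include` directives or backslash line continuations.

```python
import re

STREAM_MODULES = {"streams_depot", "streams_xattr"}  # names as used in 'vfs objects'

def is_affected_version(version):
    """True if an upstream Samba version is inside the ranges listed in this advisory."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    v = tuple(int(x) for x in m.groups())
    return ((3, 2, 0) <= v < (3, 6, 20)
            or (4, 0, 0) <= v < (4, 0, 11)
            or (4, 1, 0) <= v < (4, 1, 1))

def sections_with_stream_modules(conf_text):
    """Map each smb.conf section to the streams modules in its effective 'vfs objects'."""
    settings, section = {}, "global"
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            settings.setdefault(section, None)   # None = inherits from [global]
        elif "=" in line:
            key, value = line.split("=", 1)
            # Parameter names ignore case and spaces; 'vfs object' is a synonym.
            if key.replace(" ", "").lower() in ("vfsobjects", "vfsobject"):
                names = re.split(r"[\s,]+", value.strip())
                settings[section] = {n.split(":")[0] for n in names if n}
    default = settings.get("global") or set()
    result = {}
    for name, mods in settings.items():
        effective = default if mods is None else mods  # share value overrides [global]
        hits = sorted(effective & STREAM_MODULES)
        if hits:
            result[name] = hits
    return result

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """
[global]
    vfs objects = acl_xattr streams_xattr
[public]
    path = /srv/public
[archive]
    VFS Objects = recycle
[mac]
    vfs objects = catia, streams_depot
"""
```

Distribution packages often carry backported fixes under an older upstream version number, so treat a positive version match as a prompt to check the vendor's advisory for the installed package.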
Affected Products
Alt Linux
Centos
Red Hat
Samba
Suse