• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Samba REG File Writing Race Condition Vulnerability

A race condition vulnerability has been reported for Samba. The vulnerability occurs when Samba attempts to write reg files. However, it may be possible to create a symbolic link in a crucial point of program execution that would result in the overwriting of files pointed to by the link. This will only occur if the files are writeable by the Samba process.

Successful exploitation may cause local files to be corrupted. If files can be corrupted with custom data, this may result in privilege elevation.

Full details of this vulnerability are not currently known. The BID will be updated as further details are disclosed.