TTCSIRT-205.040919: TT-CSIRT Advisory – Samba Security Updates
Samba Team has released a security update stating that Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, “winreg_SaveKey”, is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere as they have unix permissions to create a new file […]