7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
Steve Kemp from the Debian Security Audit project discovered that gsambad,
a GTK+ configuration tool for samba, uses temporary files in an unsafe
manner which may be exploited to truncate arbitrary files from the local system.
For the stable distribution (etch) this problem has been fixed in
version 0.1.4-2etch1.
For the unstable distribution (sid) this problem will be fixed shortly.
We recommend that you upgrade your gsambad package.