FreeBSD : samba -- ACLs are not checked on opening an alternate data stream on a file or directory (a4f08579-516c-11e3-9b62-000c292e4fd8)
Medium Nessus Plugin ID 70966
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Samba project reports :
Samba versions 3.2.0 and above (all versions of 3.2.x, 3.3.x, 3.4.x, 3.5.x, 3.6.x, 4.0.x and 4.1.x) do not check the underlying file or directory ACL when opening an alternate data stream.
According to the SMB1 and SMB2+ protocols the ACL on an underlying file or directory should control what access is allowed to alternate data streams that are associated with the file or directory.
SolutionUpdate the affected packages.