| Package | samba |
|---|---|
| Version | 2:3.6.6-6+deb7u19 |
| Related CVEs | CVE-2019-3880 |
A flaw was found in the way Samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could have used this flaw to create a new registry hive file anywhere they had unix permissions which could have lead to creation of a new file in the Samba share.
For Debian 7 Wheezy, these problems have been fixed in version 2:3.6.6-6+deb7u19.
We recommend that you upgrade your samba packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.