smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client. See: https://bugzilla.samba.org/show_bug.cgi?id=7222#c15
CVE-2010-0728 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728): smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
http://www.samba.org/samba/security/CVE-2010-0728 =net-fs/samba-3.4.9 is fixed and currently the only stable version in the tree. I rate this a B4, so it requires a vote. GLSA Vote: Yes.
Added to pending GLSA.
This issue was resolved and addressed in GLSA 201206-22 at http://security.gentoo.org/glsa/glsa-201206-22.xml by GLSA coordinator Sean Amoss (ackle).