A flaw was found in the way Samba handled ACLs on symbolic links. An
authenticated user could use this flaw to gain access to an arbitrary file or
directory by overwriting its ACL.
CVSS2 Base Score 3.5
This was fixed in samba-3.6.23-25.el6_7.x86_64 and later.
Apply Unitrends security update v10.29 from 07/27/2018 or later, containing samba-3.6.23-45.el6_9.x86_64