Mandriva Update For Cifs-utils MDVSA-2012:069 (cifs-utils) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in cifs-utils: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586). The updated packages have been patched to correct this issue.

Affected

cifs-utils on Mandriva Linux 2011.0, Mandriva Linux 2010.1

Severity

Classification

CVE CVE-2012-1586

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Mandriva Update for mutt MDKSA-2007:113 (mutt)
Mandriva Update for virtualbox MDVSA-2010:059 (virtualbox)
Mandriva Update for vixie-cron MDKSA-2007:234 (vixie-cron)
Mandriva Update for ncpfs MDVSA-2010:061 (ncpfs)
Mandriva Update for util-linux MDKSA-2007:053 (util-linux)

Mandriva Update for cifs-utils MDVSA-2012:069 (cifs-utils)

Take action and discover your vulnerabilities