|
|
Log in / Subscribe / Register

cifs-utils: file existence disclosure flaw

Package(s):cifs-utils CVE #(s):CVE-2012-1586
Created:May 1, 2012 Updated:July 16, 2012
Description: From the Red Hat bugzilla:

A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run.

Alerts:
SUSE SUSE-SU-2013:0325-1 Samba 2013-02-22
Mageia MGASA-2012-0162 samba 2012-07-13
CentOS CESA-2012:0902 cifs-utils 2012-07-10
Scientific Linux SL-cifs-20120709 cifs-utils 2012-07-09
Oracle ELSA-2012-0902 cifs-utils 2012-07-02
openSUSE openSUSE-SU-2012:0607-1 cifs-utils 2012-05-10
Mandriva MDVSA-2012:070 samba 2012-05-04
Mandriva MDVSA-2012:069 cifs-utils 2012-05-04
Red Hat RHSA-2012:0902-04 cifs-utils 2012-06-20
Fedora FEDORA-2012-6398 cifs-utils 2012-05-01
Fedora FEDORA-2012-6375 cifs-utils 2012-05-01
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds