CVE-2012-1586

low

Description

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.

References

https://bugzilla.samba.org/show_bug.cgi?id=8821

http://www.openwall.com/lists/oss-security/2012/03/27/6

http://www.openwall.com/lists/oss-security/2012/03/27/1

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923

Details

Source: Mitre, NVD

Published: 2012-08-27

Updated: 2012-08-28

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N