Test ID:	1.3.6.1.4.1.25623.1.0.831567
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for cifs-utils MDVSA-2012:069 (cifs-utils)
Summary:	The remote host is missing an update for the 'cifs-utils'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'cifs-utils' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in cifs-utils: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586). The updated packages have been patched to correct this issue. Affected Software/OS: cifs-utils on Mandriva Linux 2011.0, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1586 SUSE-SU-2012:0575 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html [oss-security] 20120327 CVE id request: cifs-utils http://www.openwall.com/lists/oss-security/2012/03/27/1 [oss-security] 20120327 Re: CVE id request: cifs-utils http://www.openwall.com/lists/oss-security/2012/03/27/6 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923 https://bugzilla.samba.org/show_bug.cgi?id=8821
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.