MDVSA-2010:090 -- Mandriva sambaID: oval:org.secpod.oval:def:300153 | Date: (C)2012-01-07 (M)2023-11-13 |
Class: PATCH | Family: unix |
Multiple vulnerabilies has been found and corrected in samba: client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the device name and mountpoint strings are composed of valid characters, which allows local users to cause a denial of service via a crafted string . client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |