|Category:||Information Leak / Disclosure|
Published on 28/08/12 - Updated on 28/08/12
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.
CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
|SUSE-SU-2012:0571, SUSE-SU-2012:0575, SUSE-SU-2013:0325|