CVE-2012-1586 - Vulnerability Details - OpenCVE

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00514.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Cifs-utils
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:debian:cifs-utils:2.6:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
cifs-utils-0:4.8.1-10.el6	cpe:/o:redhat:enterprise_linux:6	RHSA-2012:0902	2012-06-19T00:00:00Z

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2012-1602	mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html
http://www.openwall.com/lists/oss-security/2012/03/27/1
http://www.openwall.com/lists/oss-security/2012/03/27/6
https://bugzilla.samba.org/show_bug.cgi?id=8821
https://nvd.nist.gov/vuln/detail/CVE-2012-1586
https://www.cve.org/CVERecord?id=CVE-2012-1586

History

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00227}`	epss `{'score': 0.00514}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-08-27T23:00:00Z

Updated: 2024-08-06T19:01:02.798Z

Reserved: 2012-03-12T00:00:00Z

Link: CVE-2012-1586

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-08-27T23:55:01.507

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-1586

Redhat

Severity : Low

Publid Date: 2012-03-21T00:00:00Z

Links: CVE-2012-1586 - Bugzilla

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2012-08-27T23:00:00Z"}, "references": [{"name": "SUSE-SU-2012:0575", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html"}, {"name": "[oss-security] 20120327 Re: CVE id request: cifs-utils", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/6"}, {"name": "[oss-security] 20120327 CVE id request: cifs-utils", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.samba.org/show_bug.cgi?id=8821"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:01:02.798Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2012:0575", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html"}, {"name": "[oss-security] 20120327 Re: CVE id request: cifs-utils", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/6"}, {"name": "[oss-security] 20120327 CVE id request: cifs-utils", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.samba.org/show_bug.cgi?id=8821"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1586", "state": "PUBLISHED", "dateReserved": "2012-03-12T00:00:00Z", "datePublished": "2012-08-27T23:00:00Z", "dateUpdated": "2024-08-06T19:01:02.798Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:debian:cifs-utils:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "A2B2C208-F9BB-42E3-9F64-1D041165DD16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message."}, {"lang": "es", "value": "mount.cifs en cifs-utils v2.6 permite a los usuarios locales determinar la existencia de ficheros o directorios arbitrarios a trav\u00e9s de la ruta del archivo en el segundo argumento, que revela la existencia de un mensaje de error."}], "id": "CVE-2012-1586", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-27T23:55:01.507", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/27/1"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/27/6"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.samba.org/show_bug.cgi?id=8821"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/27/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/27/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.samba.org/show_bug.cgi?id=8821"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}