CVE-2011-3585

Name of the Vulnerable Software and Affected Versions Samba versions 3.5.6 through 3.6

Description The issue involves multiple race conditions in the mount.cifs and umount.cifs programs, allowing local users to cause a denial of service via a SIGKILL signal during a specific time window when the /etc/mtab~ file exists. This can lead to a mounting outage. The vulnerability can be exploited remotely, potentially disrupting confidentiality, integrity, and availability of protected information.

Recommendations For Samba versions 3.5.6 through 3.6, consider disabling the mount.cifs and umount.cifs programs as a temporary workaround until a patch is available. Restrict access to the /etc/mtab~ file to minimize the risk of exploitation. Avoid using the SIGKILL signal during the time window when the /etc/mtab~ file exists. At the moment, there is no information about a newer version that contains a fix for this vulnerability.