On Red Hat Enterprise Linux, mount.cifs is not shipped with the setuid bit set by default. Systems where a user has enabled the setuid bit (via chmod +s /sbin/mount.cifs) are affected by this issue; removing the setuid bit works around the problem.
Red Hat Enterprise Linux 3 does not provide the mount.cifs program.
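The check and workaround described above can be scripted as follows. This is an added example, not Red Hat's own tooling; the function names `has_setuid` and `check_mount_cifs` and the exit codes are assumptions made for illustration, and the default path is the one named in the statement.

```shell
#!/bin/sh
# Added example: audit mount.cifs for the setuid bit and optionally clear it.
# Function names and exit codes are illustrative, not part of any Red Hat tool.

# Return 0 if FILE is a regular file with the setuid bit set, 1 otherwise.
has_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# Report the state of FILE; when the second argument is "fix", remove setuid.
# Exit status: 0 = not setuid (or fixed), 1 = setuid and left in place,
#              2 = file missing, 3 = chmod failed.
check_mount_cifs() {
    file=${1:-/sbin/mount.cifs}
    action=${2:-report}

    if [ ! -e "$file" ]; then
        echo "$file: not present"
        return 2
    fi
    if ! has_setuid "$file"; then
        echo "$file: setuid bit not set"
        return 0
    fi
    echo "$file: setuid bit is SET"
    if [ "$action" != "fix" ]; then
        return 1
    fi
    # u-s clears only the setuid bit; all other mode bits stay as they are.
    chmod u-s "$file" || return 3
    if has_setuid "$file"; then
        return 3
    fi
    echo "$file: setuid bit removed"
    return 0
}
```

Call `check_mount_cifs` with no arguments to report on /sbin/mount.cifs, or `check_mount_cifs /sbin/mount.cifs fix` as root to apply the workaround.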
Red Hat Security Errata
| Platform | Errata | Release date |
|---|---|---|
| Red Hat Enterprise Linux 5 (samba3x) | RHSA-2011:1220 | 2011-08-29 |
| Red Hat Enterprise Linux 6 | RHSA-2011:1221 | 2011-08-29 |
| Red Hat Enterprise Linux 4 (samba) | RHSA-2011:1219 | 2011-08-29 |
| Red Hat Enterprise Linux 5 (samba) | RHSA-2011:1219 | 2011-08-29 |
Acknowledgements
Red Hat would like to thank Dan Rosenberg for reporting this issue.
CVE description copyright © 2017, The MITRE Corporation