Mandriva Linux Security Advisory 2010-090 – client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/89201/MDVSA-2010-090.txt
Source: https://packetstormsecurity.com/files/89201/Mandriva-Linux-Security-Advisory-2010-090.html