Vulnerabilites related to fedoraproject - sssd
cve-2013-0220
Vulnerability from cvelistv5
Published
2013-02-24 19:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fedorahosted.org/sssd/ticket/1781 | x_refsource_CONFIRM | |
| https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/51928 | third-party-advisory, x_refsource_SECUNIA | |
| http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html | vendor-advisory, x_refsource_FEDORA | |
| http://rhn.redhat.com/errata/RHSA-2013-0508.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=884601 | x_refsource_MISC | |
| http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/52315 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/57539 | vdb-entry, x_refsource_BID | |
| http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/ticket/1781", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { name: "51928", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51928", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab", }, { name: "FEDORA-2013-1795", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { name: "RHSA-2013:0508", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=884601", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325", }, { name: "52315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52315", }, { name: "57539", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/57539", }, { name: "FEDORA-2013-1826", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-02-24T19:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/ticket/1781", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { name: "51928", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51928", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab", }, { name: "FEDORA-2013-1795", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { name: "RHSA-2013:0508", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=884601", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325", }, { name: "52315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52315", }, { name: "57539", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/57539", }, { name: "FEDORA-2013-1826", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0220", datePublished: "2013-02-24T19:00:00Z", dateReserved: "2012-12-06T00:00:00Z", dateUpdated: "2024-08-06T14:18:09.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-4341
Vulnerability from cvelistv5
Published
2011-01-25 00:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:43:14.801Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "43068", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43068", }, { name: "45961", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/45961", }, { name: "43055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43055", }, { name: "ADV-2011-0212", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0212", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", }, { name: "FEDORA-2011-0364", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html", }, { name: "sssd-pamparseindatav2-dos(64881)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/64881", }, { name: "RHSA-2011:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0560.html", }, { name: "FEDORA-2011-0337", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html", }, { name: "ADV-2011-0197", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0197", }, { name: "RHSA-2011:0975", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0975.html", }, { name: "SUSE-SR:2011:002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "43053", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43053", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-01-21T00:00:00", descriptions: [ { lang: "en", value: "The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "43068", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43068", }, { name: "45961", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/45961", }, { name: "43055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43055", }, { name: "ADV-2011-0212", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0212", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", }, { name: "FEDORA-2011-0364", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html", }, { name: "sssd-pamparseindatav2-dos(64881)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/64881", }, { name: "RHSA-2011:0560", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0560.html", }, { name: "FEDORA-2011-0337", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html", }, { name: "ADV-2011-0197", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0197", }, { name: "RHSA-2011:0975", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0975.html", }, { name: "SUSE-SR:2011:002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "43053", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43053", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2010-4341", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "43068", refsource: "SECUNIA", url: "http://secunia.com/advisories/43068", }, { name: "45961", refsource: "BID", url: "http://www.securityfocus.com/bid/45961", }, { name: "43055", refsource: "SECUNIA", url: "http://secunia.com/advisories/43055", }, { name: "ADV-2011-0212", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0212", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", }, { name: "FEDORA-2011-0364", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html", }, { name: "sssd-pamparseindatav2-dos(64881)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/64881", }, { name: "RHSA-2011:0560", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0560.html", }, { name: "FEDORA-2011-0337", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html", }, { name: "ADV-2011-0197", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0197", }, { name: "RHSA-2011:0975", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0975.html", }, { name: "SUSE-SR:2011:002", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { name: "43053", refsource: "SECUNIA", url: "http://secunia.com/advisories/43053", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-4341", datePublished: "2011-01-25T00:00:00", dateReserved: "2010-11-30T00:00:00", dateUpdated: "2024-08-07T03:43:14.801Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-1758
Vulnerability from cvelistv5
Published
2011-05-26 18:00
Modified
2024-08-06 22:37
Severity ?
EPSS score ?
Summary
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=700867 | x_refsource_CONFIRM | |
| https://fedorahosted.org/sssd/ticket/856 | x_refsource_CONFIRM | |
| http://openwall.com/lists/oss-security/2011/04/29/4 | mailing-list, x_refsource_MLIST | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html | vendor-advisory, x_refsource_FEDORA | |
| https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html | mailing-list, x_refsource_MLIST | |
| https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7 | x_refsource_CONFIRM | |
| http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=700891 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T22:37:25.779Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700867", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/ticket/856", }, { name: "[oss-security] 20110429 vulnerability in sssd 1.5.0+ (CVE-2011-1758)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2011/04/29/4", }, { name: "FEDORA-2011-5815", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html", }, { name: "FEDORA-2011-6279", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html", }, { name: "[sssd-devel] 20110429 SSSD Security Release 1.5.7", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700891", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2011-05-26T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700867", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/ticket/856", }, { name: "[oss-security] 20110429 vulnerability in sssd 1.5.0+ (CVE-2011-1758)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2011/04/29/4", }, { name: "FEDORA-2011-5815", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html", }, { name: "FEDORA-2011-6279", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html", }, { name: "[sssd-devel] 20110429 SSSD Security Release 1.5.7", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700891", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2011-1758", datePublished: "2011-05-26T18:00:00Z", dateReserved: "2011-04-19T00:00:00Z", dateUpdated: "2024-08-06T22:37:25.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-10852
Vulnerability from cvelistv5
Published
2018-06-26 14:00
Modified
2024-08-05 07:46
Severity ?
EPSS score ?
Summary
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:3158 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/104547 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T07:46:47.244Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20180716 [SECURITY] [DLA 1429-1] sssd security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", }, { name: "RHSA-2018:3158", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3158", }, { name: "104547", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104547", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "SSSD 1.16.3", }, ], }, ], datePublic: "2018-06-07T00:00:00", descriptions: [ { lang: "en", value: "The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-31T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[debian-lts-announce] 20180716 [SECURITY] [DLA 1429-1] sssd security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", }, { name: "RHSA-2018:3158", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3158", }, { name: "104547", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104547", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-10852", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "sssd", version: { version_data: [ { version_value: "SSSD 1.16.3", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.", }, ], }, impact: { cvss: [ [ { vectorString: "3.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "[debian-lts-announce] 20180716 [SECURITY] [DLA 1429-1] sssd security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", }, { name: "RHSA-2018:3158", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3158", }, { name: "104547", refsource: "BID", url: "http://www.securityfocus.com/bid/104547", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-10852", datePublished: "2018-06-26T14:00:00", dateReserved: "2018-05-09T00:00:00", dateUpdated: "2024-08-05T07:46:47.244Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-3462
Vulnerability from cvelistv5
Published
2019-12-26 20:14
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2012-3462 | x_refsource_MISC | |
| https://pagure.io/SSSD/sssd/issue/1470 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:05:12.697Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2012-3462", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pagure.io/SSSD/sssd/issue/1470", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "sssd", versions: [ { status: "affected", version: "1.9.0", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-26T20:14:37", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2012-3462", }, { tags: [ "x_refsource_MISC", ], url: "https://pagure.io/SSSD/sssd/issue/1470", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2012-3462", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "sssd", version: { version_data: [ { version_value: "1.9.0", }, ], }, }, ], }, vendor_name: "sssd", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", }, { name: "https://access.redhat.com/security/cve/cve-2012-3462", refsource: "MISC", url: "https://access.redhat.com/security/cve/cve-2012-3462", }, { name: "https://pagure.io/SSSD/sssd/issue/1470", refsource: "MISC", url: "https://pagure.io/SSSD/sssd/issue/1470", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-3462", datePublished: "2019-12-26T20:14:37", dateReserved: "2012-06-14T00:00:00", dateUpdated: "2024-08-06T20:05:12.697Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-12173
Vulnerability from cvelistv5
Published
2018-07-27 16:00
Modified
2024-08-05 18:28
Severity ?
EPSS score ?
Summary
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:3379 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:1877 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:28:16.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:3379", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:3379", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", }, { name: "RHSA-2018:1877", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:1877", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "SSSD", versions: [ { status: "affected", version: "1.16.0", }, ], }, ], datePublic: "2017-10-03T00:00:00", descriptions: [ { lang: "en", value: "It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-28T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2017:3379", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:3379", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", }, { name: "RHSA-2018:1877", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:1877", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-12173", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "sssd", version: { version_data: [ { version_value: "1.16.0", }, ], }, }, ], }, vendor_name: "SSSD", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.", }, ], }, impact: { cvss: [ [ { vectorString: "4.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:3379", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:3379", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", }, { name: "RHSA-2018:1877", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:1877", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-12173", datePublished: "2018-07-27T16:00:00", dateReserved: "2017-08-01T00:00:00", dateUpdated: "2024-08-05T18:28:16.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-5292
Vulnerability from cvelistv5
Published
2015-10-29 16:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.410Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2355", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2355.html", }, { name: "RHSA-2015:2019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2019.html", }, { name: "[sssd-users] 20151021 A security bug in SSSD 1.10 and later (CVE-2015-5292)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422", }, { name: "1034038", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034038", }, { name: "77529", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77529", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch", }, { name: "FEDORA-2015-cdea5324a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html", }, { name: "FEDORA-2015-202c127199", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1267580", }, { name: "FEDORA-2015-7b47df69d3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/ticket/2803", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-11T00:00:00", descriptions: [ { lang: "en", value: "Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-05T22:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2355", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2355.html", }, { name: "RHSA-2015:2019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2019.html", }, { name: "[sssd-users] 20151021 A security bug in SSSD 1.10 and later (CVE-2015-5292)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422", }, { name: "1034038", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034038", }, { name: "77529", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77529", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch", }, { name: "FEDORA-2015-cdea5324a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html", }, { name: "FEDORA-2015-202c127199", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1267580", }, { name: "FEDORA-2015-7b47df69d3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/ticket/2803", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5292", datePublished: "2015-10-29T16:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.410Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0014
Vulnerability from cvelistv5
Published
2010-01-14 18:00
Modified
2024-09-16 20:47
Severity ?
EPSS score ?
Summary
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/38160 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/37747 | vdb-entry, x_refsource_BID | |
| https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=553233 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:37:52.983Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "38160", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38160", }, { name: "37747", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/37747", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-01-14T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "38160", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38160", }, { name: "37747", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/37747", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2010-0014", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "38160", refsource: "SECUNIA", url: "http://secunia.com/advisories/38160", }, { name: "37747", refsource: "BID", url: "http://www.securityfocus.com/bid/37747", }, { name: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", refsource: "CONFIRM", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0014", datePublished: "2010-01-14T18:00:00Z", dateReserved: "2009-12-14T00:00:00Z", dateUpdated: "2024-09-16T20:47:31.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-4254
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2025-03-27 14:42
Severity ?
EPSS score ?
Summary
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:34:49.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2149894", }, { tags: [ "x_transferred", ], url: "https://github.com/SSSD/sssd/issues/5135", }, { tags: [ "x_transferred", ], url: "https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-4254", }, { name: "[debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-4254", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-27T14:42:02.928527Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-90", description: "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-27T14:42:34.058Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "SSSD", vendor: "n/a", versions: [ { status: "affected", version: "Affects SSSD 1.15.3, Fixed in SSSD 2.3.1", }, ], }, ], descriptions: [ { lang: "en", value: "sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-90", description: "CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-29T00:00:00.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2149894", }, { url: "https://github.com/SSSD/sssd/issues/5135", }, { url: "https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274", }, { url: "https://access.redhat.com/security/cve/CVE-2022-4254", }, { name: "[debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-4254", datePublished: "2023-02-01T00:00:00.000Z", dateReserved: "2022-12-01T00:00:00.000Z", dateUpdated: "2025-03-27T14:42:34.058Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-0219
Vulnerability from cvelistv5
Published
2013-02-24 19:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.487Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { name: "51928", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51928", }, { name: "FEDORA-2013-1795", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { name: "RHSA-2013:0508", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a", }, { name: "RHSA-2013:1319", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1319.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047", }, { name: "52315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52315", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/sssd/ticket/1782", }, { name: "57539", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/57539", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=884254", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37", }, { name: "FEDORA-2013-1826", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-23T00:00:00", descriptions: [ { lang: "en", value: "System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-10-11T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { name: "51928", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51928", }, { name: "FEDORA-2013-1795", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { name: "RHSA-2013:0508", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a", }, { name: "RHSA-2013:1319", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1319.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047", }, { name: "52315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52315", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/sssd/ticket/1782", }, { name: "57539", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/57539", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=884254", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37", }, { name: "FEDORA-2013-1826", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0219", datePublished: "2013-02-24T19:00:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T14:18:09.487Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3621
Vulnerability from cvelistv5
Published
2021-12-23 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://sssd.io/release-notes/sssd-2.6.0.html", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975142", }, { name: "[debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "n/a", versions: [ { status: "affected", version: "sssd 2.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-29T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://sssd.io/release-notes/sssd-2.6.0.html", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975142", }, { name: "[debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3621", datePublished: "2021-12-23T00:00:00", dateReserved: "2021-06-24T00:00:00", dateUpdated: "2024-08-03T17:01:07.617Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3811
Vulnerability from cvelistv5
Published
2019-01-15 15:00
Modified
2025-02-13 16:27
Severity ?
EPSS score ?
Summary
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/106644 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html | vendor-advisory, x_refsource_SUSE | |
| https://access.redhat.com/errata/RHSA-2019:2177 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The sssd Project | sssd |
Version: 2.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.262Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20190117 [SECURITY] [DLA 1635-1] sssd security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html", }, { name: "106644", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106644", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811", }, { name: "openSUSE-SU-2019:0344", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html", }, { name: "openSUSE-SU-2019:1174", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html", }, { name: "RHSA-2019:2177", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "The sssd Project", versions: [ { status: "affected", version: "2.1", }, ], }, ], datePublic: "2018-12-04T00:00:00.000Z", descriptions: [ { lang: "en", value: "A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-29T16:06:19.380Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[debian-lts-announce] 20190117 [SECURITY] [DLA 1635-1] sssd security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html", }, { name: "106644", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106644", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811", }, { name: "openSUSE-SU-2019:0344", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html", }, { name: "openSUSE-SU-2019:1174", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html", }, { name: "RHSA-2019:2177", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3811", datePublished: "2019-01-15T15:00:00.000Z", dateReserved: "2019-01-03T00:00:00.000Z", dateUpdated: "2025-02-13T16:27:24.771Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16838
Vulnerability from cvelistv5
Published
2019-03-25 17:41
Modified
2025-02-13 16:27
Severity ?
EPSS score ?
Summary
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html | vendor-advisory, x_refsource_SUSE | |
| https://access.redhat.com/errata/RHSA-2019:2177 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2437 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:3651 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.014Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838", }, { name: "openSUSE-SU-2019:1576", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html", }, { name: "openSUSE-SU-2019:1589", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html", }, { name: "RHSA-2019:2177", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { name: "RHSA-2019:2437", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { name: "RHSA-2019:3651", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3651", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-29T16:06:14.636Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838", }, { name: "openSUSE-SU-2019:1576", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html", }, { name: "openSUSE-SU-2019:1589", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html", }, { name: "RHSA-2019:2177", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { name: "RHSA-2019:2437", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { name: "RHSA-2019:3651", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3651", }, { url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16838", datePublished: "2019-03-25T17:41:18.000Z", dateReserved: "2018-09-11T00:00:00.000Z", dateUpdated: "2025-02-13T16:27:17.428Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16883
Vulnerability from cvelistv5
Published
2018-12-19 14:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106264 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:54.202Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106264", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106264", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sssd", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "2.0.0", }, ], }, ], datePublic: "2018-12-19T00:00:00", descriptions: [ { lang: "en", value: "sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the \"allowed_uids\" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-21T10:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "106264", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106264", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2018-16883", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "sssd", version: { version_data: [ { version_value: "2.0.0", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the \"allowed_uids\" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.", }, ], }, impact: { cvss: [ [ { vectorString: "2.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "106264", refsource: "BID", url: "http://www.securityfocus.com/bid/106264", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2018-16883", datePublished: "2018-12-19T14:00:00", dateReserved: "2018-09-11T00:00:00", dateUpdated: "2024-08-05T10:32:54.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-2940
Vulnerability from cvelistv5
Published
2010-08-30 19:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/61399 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/41159 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=625189 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:55:45.482Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "sssd-ldap-security-bypass(61399)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/61399", }, { name: "41159", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/41159", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=625189", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-08-24T00:00:00", descriptions: [ { lang: "en", value: "The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "sssd-ldap-security-bypass(61399)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/61399", }, { name: "41159", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/41159", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=625189", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-2940", datePublished: "2010-08-30T19:00:00", dateReserved: "2010-08-04T00:00:00", dateUpdated: "2024-08-07T02:55:45.482Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0249
Vulnerability from cvelistv5
Published
2014-06-11 14:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1101751 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:39.493Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[SSSD] 20140513 On POSIX and non-POSIX groups", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-05-13T00:00:00", descriptions: [ { lang: "en", value: "The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-06-12T13:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[SSSD] 20140513 On POSIX and non-POSIX groups", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0249", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[SSSD] 20140513 On POSIX and non-POSIX groups", refsource: "MLIST", url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0249", datePublished: "2014-06-11T14:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:39.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-0287
Vulnerability from cvelistv5
Published
2013-03-21 16:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2013:0559", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html", }, { name: "52704", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52704", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938", }, { name: "[sssd-devel] 20130319 [SSSD] A security bug in SSSD 1.9 (CVE-2013-0287)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb", }, { name: "58593", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/58593", }, { name: "52722", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52722", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93", }, { name: "1028317", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1028317", }, { name: "RHSA-2013:0663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0663.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-02-23T00:00:00", descriptions: [ { lang: "en", value: "The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-15T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "openSUSE-SU-2013:0559", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html", }, { name: "52704", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52704", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4", }, { tags: [ "x_refsource_MISC", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938", }, { name: "[sssd-devel] 20130319 [SSSD] A security bug in SSSD 1.9 (CVE-2013-0287)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb", }, { name: "58593", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/58593", }, { name: "52722", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52722", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93", }, { name: "1028317", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1028317", }, { name: "RHSA-2013:0663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0663.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0287", datePublished: "2013-03-21T16:00:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T14:18:09.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2010-08-30 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "ABAEE5B2-54DA-4FB5-AD57-D00CAF17EE35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.", }, { lang: "es", value: "La función auth_send de providers/ldap/ldap_auth.c de System Security Services Daemon (SSSD) v1.3.0, si la autenticación LDAP y vinculaciones (bind) anónimas están activadas, permite a atacantes remotos evitar los requisitos de autenticación de pam_authenticate a través de una contraseña vacía.", }, ], id: "CVE-2010-2940", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-30T20:00:02.390", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/41159", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=625189", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/61399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/41159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=625189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/61399", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-26 21:15
Modified
2024-11-21 01:40
Severity ?
Summary
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2012-3462 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462 | Exploit, Issue Tracking, Patch | |
| secalert@redhat.com | https://pagure.io/SSSD/sssd/issue/1470 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2012-3462 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462 | Exploit, Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pagure.io/SSSD/sssd/issue/1470 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "288395D1-C084-48F5-B266-24CF02151F1E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.", }, { lang: "es", value: "Se encontró un fallo en SSSD versión 1.9.0. La lógica del proveedor de acceso de SSSD causa que el resultado del procesamiento de la regla HBAC sea ignorado en la situación en que el proveedor de acceso también esté manejando la configuración del contexto de usuario SELinux del usuario.", }, ], id: "CVE-2012-3462", lastModified: "2024-11-21T01:40:55.580", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-26T21:15:10.993", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2012-3462", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://pagure.io/SSSD/sssd/issue/1470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2012-3462", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3462", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://pagure.io/SSSD/sssd/issue/1470", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-06-11 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.11.6 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "1890E09D-3AD6-4C46-AD2F-C89DCC436C02", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.", }, { lang: "es", value: "System Security Services Daemon (SSSD) 1.11.6 no identifica debidamente la pertenencia a un grupo cuando un grupo no POSIX esté en una cadena de pertenencia a grupo, lo que permite a usuarios locales evadir restricciones de acceso a través de vectores no especificados.", }, ], id: "CVE-2014-0249", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-06-11T14:55:07.190", references: [ { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", }, { source: "secalert@redhat.com", url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1101751", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-02-24 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "71D26FCE-B49C-440F-9BDD-545346B34F03", versionEndIncluding: "1.9.3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.2.1:*:*:*:*:*:*:*", matchCriteriaId: "516466B9-5183-4F5B-A64E-836B365AC015", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5BE12795-5A6C-4EF6-86E1-A04FFEF853B0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "1BC55E33-CF2F-4749-8CAE-510A35697B87", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.2:*:*:*:*:*:*:*", matchCriteriaId: "F37B00AF-51D5-4FBC-8335-23FB49A2BE97", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2B2D3AAE-5B5B-4737-B24C-873B1B28DDF1", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.0:*:*:*:*:*:*:*", matchCriteriaId: "D55E385B-87E0-4088-878F-0466BF05FC37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.1:*:*:*:*:*:*:*", matchCriteriaId: "3E85F048-BEB3-4D35-954E-E4FFF2B7A9F7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.5.0:*:*:*:*:*:*:*", matchCriteriaId: "CB6E070E-DB2B-4AFB-9E80-1061D51E572D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "0C6B15E7-C558-4B8C-9F25-B6B0F7D4DAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F4135B52-D2B0-4B38-AB94-294EDCF65C0D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "6FA1CC29-EDF9-41F7-9EDC-79B7F7DAF232", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "5E096D40-0543-423E-B3DD-21EEFA1760FA", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.0:*:*:*:*:*:*:*", matchCriteriaId: "D519F093-C7E2-4F98-B64E-457B41FC52F8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.1:*:*:*:*:*:*:*", matchCriteriaId: "F978466E-8AEA-4FA8-AD0F-2798CD5EEF03", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3A301168-1345-4FE9-9E0E-8AADD698C59A", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "E8C082CF-28D6-40EE-B7F4-C91B84596731", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4ECB1E88-66A4-49DD-837D-9B3ACE435E4A", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "45EE589F-FC9B-4C54-A1DD-2843B24BB3D0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "AD38D75C-996F-4C16-A781-976E26825894", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "0183AE7C-E9E6-43D4-BBD8-1746C6FF6A94", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "3F27CA10-EDB9-4490-B99F-686D355CDC4D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.99:*:*:*:*:*:*:*", matchCriteriaId: "BADE09B6-1BC9-4332-B7D6-0D50A5A69E59", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B08A8BE5-381D-4A4F-9D54-6231B17793B2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "C0C9BCBA-8A11-49CA-A019-16F78A65F369", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "DB18B12A-82C6-4F97-B9B1-AA1390EFB129", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.91:*:*:*:*:*:*:*", matchCriteriaId: "64127A7C-A984-4BD5-B3E6-3976AFAE07B3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.92:*:*:*:*:*:*:*", matchCriteriaId: "12A5A326-2387-468B-BDF5-ACD2D104F6D0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "D347DF6E-C425-444B-A25D-7958D7B4EAC6", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C3DC738E-A68E-4ED9-8A5F-0888A4B6180B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F40B3E3B-E803-44B3-99E8-DD6A08F018B7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "23F5EDBE-2D5F-4878-B7D8-4F9A6872DBA0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "062BBB63-39E9-41F6-BF9F-141FA8033E26", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.91:*:*:*:*:*:*:*", matchCriteriaId: "FD371750-E79F-432F-81DF-397A0F200E75", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "ABAEE5B2-54DA-4FB5-AD57-D00CAF17EE35", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "DEABA055-C1EF-4E8D-88DC-FB542D6F91C0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "313BCCE7-6B8C-47DD-BB54-7B390D131BB5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "9507DCBF-45C9-43BF-8E89-9C480EBC4F09", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "C38007C8-061C-4D6D-BC6B-83475E165A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D8F39928-292C-4B1E-849F-4CB7534558B7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "19ACB702-62F5-4614-9CB9-AC07CCEBB399", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0524C067-9992-40F1-BC7A-EE382251151B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "74298682-9BFF-4F81-B387-BA0B036619E5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "BC55E83E-AAA5-4228-8283-57EBFCE1EEE8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "AFB0D128-F08B-41C1-B8A1-3FD7845B3F37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "30FC0A62-9332-46F8-8415-50742BBDFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "4C0E2D4D-7C14-45E8-9E6D-BE7357AD1FA4", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "FFA871AC-FD8D-4F1E-9F84-B35E08568E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.9:*:*:*:*:*:*:*", matchCriteriaId: "6B1FF7F0-6E19-4FB4-9E90-8188C1841C5D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.10:*:*:*:*:*:*:*", matchCriteriaId: "7065AF03-99E9-4DE2-B58D-CBB15D5FCCE7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.11:*:*:*:*:*:*:*", matchCriteriaId: "6F918F06-9860-4959-98C7-9E922A92424E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.12:*:*:*:*:*:*:*", matchCriteriaId: "14D2B8A8-9F5C-4970-BD6D-FEB6E4E9D419", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.13:*:*:*:*:*:*:*", matchCriteriaId: "3021B870-7141-442E-9ABC-CD0538374CCD", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.14:*:*:*:*:*:*:*", matchCriteriaId: "3D2C6D84-CD12-4201-BCCB-2613865734E2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.15:*:*:*:*:*:*:*", matchCriteriaId: "F903EC2A-630A-4CE0-A4BE-2128A1A449B2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.16:*:*:*:*:*:*:*", matchCriteriaId: "EE291086-6188-48A2-9A71-317AE4150263", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "F39C4381-3F9C-4A18-BAA0-6768E2227096", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DA72408F-B759-4238-ADBE-5896EB8D9359", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "CDA8D7C7-BA09-432B-9956-3EAFEB56B039", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "C841BCE7-ACFA-48FC-9916-6743D53121BE", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "82059BE6-E075-42B3-A29E-AE88BBE1BE32", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "DCDCCFAB-5293-43F9-AD9F-4FB06E58FC0F", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "3B55D998-4648-42C4-BC90-8D2D3DF92805", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "082EECD4-0BA0-4467-9EEB-847A34A04906", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta1:*:*:*:*:*:*", matchCriteriaId: "97360F6C-BA99-4A58-94E1-FBDAEF4DF040", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta2:*:*:*:*:*:*", matchCriteriaId: "35CF5A7B-CB64-41E5-9B14-DE396F321A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta3:*:*:*:*:*:*", matchCriteriaId: "44525CA2-BB2C-41F4-93A0-F0CF336C3011", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "79971450-4FA4-4A0B-9761-F6C261D98C3D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "6C6667AA-89D8-4EB2-ACED-9D37882D528D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "348E8F83-EA66-4F90-A340-6925F1A29E50", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "4D6FADD7-F0CF-4F78-8126-DDAFB098D943", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "602BA6C0-A0B1-4573-92EB-FFB35E40ED2F", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "EFCFE36E-24BE-4092-B535-2EB8612E5EFF", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "288395D1-C084-48F5-B266-24CF02151F1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "FB813D7A-8048-4C24-BAED-D85999710F0B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "FF7C04C5-0777-4ED5-A40B-81FCF625ECCF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", matchCriteriaId: "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.", }, { lang: "es", value: "System Security Services Daemon (SSSD) anterior a v1.9.4, cuando (1) se crea, (2) copia, o (3) elimina el directorio home de usuario, permite a usuarios locales crear, modificar o eliminar ficheros arbitrarios mediante un ataque de enlace simbólicos sobre otros ficheros del usuario.", }, ], evaluatorComment: "Per https://access.redhat.com/security/cve/CVE-2013-0219\r\n\r\nThis issue affects the version of sssd shipped with Red Hat Enterprise Linux 5 and 6.\r\n", id: "CVE-2013-0219", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-02-24T19:55:01.237", references: [ { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047", }, { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9", }, { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a", }, { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2013-1319.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51928", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52315", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/57539", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=884254", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/ticket/1782", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2013-1319.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/57539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=884254", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/ticket/1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-25 01:00
Modified
2025-04-11 00:51
Severity ?
Summary
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedorahosted | sssd | 1.4.0 | |
| fedorahosted | sssd | 1.4.1 | |
| fedoraproject | sssd | 1.3.0 | |
| fedoraproject | sssd | 1.5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedorahosted:sssd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B685E760-22B4-4064-B825-750C6B309420", vulnerable: true, }, { criteria: "cpe:2.3:a:fedorahosted:sssd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "5885BF9D-969A-4FEF-A8F5-8004644B551B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "ABAEE5B2-54DA-4FB5-AD57-D00CAF17EE35", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "C38007C8-061C-4D6D-BC6B-83475E165A3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.", }, { lang: "es", value: "La función pam_parse_in_data_v2 en src/responder/pam/pamsrv_cmd.c en el PAM responder en SSSD v.1.5.0, v.1.4.x, y v.1.3 permite a usuarios locales provocar una denegación de servicio (bucle infinito, caída, y prevención de login) a través de paquetes manipulados.", }, ], id: "CVE-2010-4341", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-25T01:00:01.737", references: [ { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43053", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43055", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/43068", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2011-0560.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2011-0975.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/45961", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0197", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0212", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/64881", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43053", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/43068", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0560.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0975.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/45961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0197", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0212", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=661163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/64881", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-27 16:29
Modified
2024-11-21 03:08
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:3379 | Vendor Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:1877 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3379 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1877 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173 | Issue Tracking, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| fedoraproject | sssd | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "C0C01FF2-083A-462F-AAC5-37C36BC966FF", versionEndExcluding: "1.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.", }, { lang: "es", value: "Se ha encontrado que la función sysdb_search_user_by_upn_res() de sssd en versiones anteriores a la 1.16.0 no saneaba las peticiones al consultar su caché local y era vulnerable a inyecciones. En un entorno de inicio de sesión centralizado, si un hash de contraseña se almacenaba en la caché local de un usuario determinado, un atacante autenticado podía utilizar este error para recuperarlo.", }, ], id: "CVE-2017-12173", lastModified: "2024-11-21T03:08:59.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-27T16:29:00.257", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:3379", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1877", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:3379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:1877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-23 21:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1975142 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html | Third Party Advisory | |
| secalert@redhat.com | https://sssd.io/release-notes/sssd-2.6.0.html | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1975142 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sssd.io/release-notes/sssd-2.6.0.html | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 2.6.0 | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux_eus | 8.1 | |
| redhat | enterprise_linux_eus | 8.2 | |
| redhat | enterprise_linux_server_aus | 8.2 | |
| redhat | enterprise_linux_server_aus | 8.4 | |
| redhat | enterprise_linux_server_tus | 8.2 | |
| redhat | enterprise_linux_server_tus | 8.4 | |
| fedoraproject | fedora | 34 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:2.6.0:*:*:*:*:*:*:*", matchCriteriaId: "ABE9C314-FAD9-476A-899B-59ECA2F999F0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", }, { lang: "es", value: "Se encontró un fallo en SSSD, donde el comando sssctl era vulnerable a la inyección de comandos de shell por medio de los subcomandos logs-fetch y cache-expire. Este fallo permite a un atacante engañar al usuario root para que ejecute un comando sssctl especialmente diseñado, por ejemplo por medio de sudo, para conseguir acceso de root. La mayor amenaza de esta vulnerabilidad es para la confidencialidad, la integridad y la disponibilidad del sistema", }, ], id: "CVE-2021-3621", lastModified: "2024-11-21T06:22:00.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-23T21:15:08.920", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975142", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://sssd.io/release-notes/sssd-2.6.0.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1975142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://sssd.io/release-notes/sssd-2.6.0.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-21 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.9.0 | |
| fedoraproject | sssd | 1.9.1 | |
| fedoraproject | sssd | 1.9.2 | |
| fedoraproject | sssd | 1.9.3 | |
| fedoraproject | sssd | 1.9.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "288395D1-C084-48F5-B266-24CF02151F1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "FB813D7A-8048-4C24-BAED-D85999710F0B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "FF7C04C5-0777-4ED5-A40B-81FCF625ECCF", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.3:*:*:*:*:*:*:*", matchCriteriaId: "765E1A32-4BAD-48D5-A86A-936FF2DD47CC", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.4:*:*:*:*:*:*:*", matchCriteriaId: "B2277D1F-A744-40B4-BA07-5689441E8FB3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.", }, { lang: "es", value: "El Simple Access Provider en System Security Services Daemon (SSSD) v1.9.0 hasta v1.9.4, cuando usa el proveedor de Active Directory, no se aplica correctamente la opción simple_deny_groups, lo que permite a usuarios remotos autenticados para eludir restricciones de acceso previstos.", }, ], id: "CVE-2013-0287", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-21T16:55:02.557", references: [ { source: "secalert@redhat.com", url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2013-0663.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52704", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52722", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1028317", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/58593", }, { source: "secalert@redhat.com", url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2013-0663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52704", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1028317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/58593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-02-24 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "71D26FCE-B49C-440F-9BDD-545346B34F03", versionEndIncluding: "1.9.3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.2.1:*:*:*:*:*:*:*", matchCriteriaId: "516466B9-5183-4F5B-A64E-836B365AC015", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5BE12795-5A6C-4EF6-86E1-A04FFEF853B0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "1BC55E33-CF2F-4749-8CAE-510A35697B87", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.2:*:*:*:*:*:*:*", matchCriteriaId: "F37B00AF-51D5-4FBC-8335-23FB49A2BE97", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2B2D3AAE-5B5B-4737-B24C-873B1B28DDF1", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.0:*:*:*:*:*:*:*", matchCriteriaId: "D55E385B-87E0-4088-878F-0466BF05FC37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.1:*:*:*:*:*:*:*", matchCriteriaId: "3E85F048-BEB3-4D35-954E-E4FFF2B7A9F7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.5.0:*:*:*:*:*:*:*", matchCriteriaId: "CB6E070E-DB2B-4AFB-9E80-1061D51E572D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "0C6B15E7-C558-4B8C-9F25-B6B0F7D4DAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F4135B52-D2B0-4B38-AB94-294EDCF65C0D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "6FA1CC29-EDF9-41F7-9EDC-79B7F7DAF232", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "5E096D40-0543-423E-B3DD-21EEFA1760FA", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.0:*:*:*:*:*:*:*", matchCriteriaId: "D519F093-C7E2-4F98-B64E-457B41FC52F8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.1:*:*:*:*:*:*:*", matchCriteriaId: "F978466E-8AEA-4FA8-AD0F-2798CD5EEF03", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3A301168-1345-4FE9-9E0E-8AADD698C59A", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "E8C082CF-28D6-40EE-B7F4-C91B84596731", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4ECB1E88-66A4-49DD-837D-9B3ACE435E4A", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "45EE589F-FC9B-4C54-A1DD-2843B24BB3D0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "AD38D75C-996F-4C16-A781-976E26825894", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "0183AE7C-E9E6-43D4-BBD8-1746C6FF6A94", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "3F27CA10-EDB9-4490-B99F-686D355CDC4D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.0.99:*:*:*:*:*:*:*", matchCriteriaId: "BADE09B6-1BC9-4332-B7D6-0D50A5A69E59", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B08A8BE5-381D-4A4F-9D54-6231B17793B2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "C0C9BCBA-8A11-49CA-A019-16F78A65F369", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "DB18B12A-82C6-4F97-B9B1-AA1390EFB129", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.91:*:*:*:*:*:*:*", matchCriteriaId: "64127A7C-A984-4BD5-B3E6-3976AFAE07B3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.1.92:*:*:*:*:*:*:*", matchCriteriaId: "12A5A326-2387-468B-BDF5-ACD2D104F6D0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "D347DF6E-C425-444B-A25D-7958D7B4EAC6", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C3DC738E-A68E-4ED9-8A5F-0888A4B6180B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F40B3E3B-E803-44B3-99E8-DD6A08F018B7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "23F5EDBE-2D5F-4878-B7D8-4F9A6872DBA0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "062BBB63-39E9-41F6-BF9F-141FA8033E26", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.2.91:*:*:*:*:*:*:*", matchCriteriaId: "FD371750-E79F-432F-81DF-397A0F200E75", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "ABAEE5B2-54DA-4FB5-AD57-D00CAF17EE35", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "DEABA055-C1EF-4E8D-88DC-FB542D6F91C0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "313BCCE7-6B8C-47DD-BB54-7B390D131BB5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "9507DCBF-45C9-43BF-8E89-9C480EBC4F09", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "C38007C8-061C-4D6D-BC6B-83475E165A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D8F39928-292C-4B1E-849F-4CB7534558B7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "19ACB702-62F5-4614-9CB9-AC07CCEBB399", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0524C067-9992-40F1-BC7A-EE382251151B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "74298682-9BFF-4F81-B387-BA0B036619E5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "BC55E83E-AAA5-4228-8283-57EBFCE1EEE8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "AFB0D128-F08B-41C1-B8A1-3FD7845B3F37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "30FC0A62-9332-46F8-8415-50742BBDFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "4C0E2D4D-7C14-45E8-9E6D-BE7357AD1FA4", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "FFA871AC-FD8D-4F1E-9F84-B35E08568E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.9:*:*:*:*:*:*:*", matchCriteriaId: "6B1FF7F0-6E19-4FB4-9E90-8188C1841C5D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.10:*:*:*:*:*:*:*", matchCriteriaId: "7065AF03-99E9-4DE2-B58D-CBB15D5FCCE7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.11:*:*:*:*:*:*:*", matchCriteriaId: "6F918F06-9860-4959-98C7-9E922A92424E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.12:*:*:*:*:*:*:*", matchCriteriaId: "14D2B8A8-9F5C-4970-BD6D-FEB6E4E9D419", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.13:*:*:*:*:*:*:*", matchCriteriaId: "3021B870-7141-442E-9ABC-CD0538374CCD", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.14:*:*:*:*:*:*:*", matchCriteriaId: "3D2C6D84-CD12-4201-BCCB-2613865734E2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.15:*:*:*:*:*:*:*", matchCriteriaId: "F903EC2A-630A-4CE0-A4BE-2128A1A449B2", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.16:*:*:*:*:*:*:*", matchCriteriaId: "EE291086-6188-48A2-9A71-317AE4150263", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "F39C4381-3F9C-4A18-BAA0-6768E2227096", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DA72408F-B759-4238-ADBE-5896EB8D9359", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "CDA8D7C7-BA09-432B-9956-3EAFEB56B039", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "C841BCE7-ACFA-48FC-9916-6743D53121BE", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "82059BE6-E075-42B3-A29E-AE88BBE1BE32", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "DCDCCFAB-5293-43F9-AD9F-4FB06E58FC0F", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "3B55D998-4648-42C4-BC90-8D2D3DF92805", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "082EECD4-0BA0-4467-9EEB-847A34A04906", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta1:*:*:*:*:*:*", matchCriteriaId: "97360F6C-BA99-4A58-94E1-FBDAEF4DF040", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta2:*:*:*:*:*:*", matchCriteriaId: "35CF5A7B-CB64-41E5-9B14-DE396F321A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.0:beta3:*:*:*:*:*:*", matchCriteriaId: "44525CA2-BB2C-41F4-93A0-F0CF336C3011", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "79971450-4FA4-4A0B-9761-F6C261D98C3D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "6C6667AA-89D8-4EB2-ACED-9D37882D528D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "348E8F83-EA66-4F90-A340-6925F1A29E50", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "4D6FADD7-F0CF-4F78-8126-DDAFB098D943", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "602BA6C0-A0B1-4573-92EB-FFB35E40ED2F", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "EFCFE36E-24BE-4092-B535-2EB8612E5EFF", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "288395D1-C084-48F5-B266-24CF02151F1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "FB813D7A-8048-4C24-BAED-D85999710F0B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "FF7C04C5-0777-4ED5-A40B-81FCF625ECCF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.", }, { lang: "es", value: "La función (1) sss_autofs_cmd_getautomntent y (2) sss_autofs_cmd_getautomntbyname en responder/autofs/autofssrv_cmd.c y la función (3) ssh_cmd_parse_request en responder/ssh/sshsrv_cmd.c en System Security Services Daemon (SSSD) anterior a v1.9.4 permite a atacantes remotos generar una denegación de servicio (lectura fuera de los límites, caída y reinicio) mediante una paquete SSSD especialmente diseñado.", }, ], id: "CVE-2013-0220", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-02-24T19:55:01.300", references: [ { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325", }, { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51928", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52315", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/57539", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=884601", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/ticket/1781", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2013-0508.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/57539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=884601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/ticket/1781", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-25 18:29
Modified
2024-11-21 03:53
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | - | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:-:*:*:*:*:*:*:*", matchCriteriaId: "B0ABAA03-C8E0-4281-AF60-D29246CA6B2D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.", }, { lang: "es", value: "Se ha encontrado un error en la implementación de sssd Group Policy Objects. Cuando el GPO no puede ser leído por SSSD debido a ajustes de permisos demasiado estrictos del lado del servidor, SSSD permitirá que todos los usuarios autenticados inicien sesión, en lugar de denegar el acceso.", }, ], id: "CVE-2018-16838", lastModified: "2024-11-21T03:53:24.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 5.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T18:29:00.433", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:3651", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2437", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-01-14 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | * | |
| fedoraproject | sssd | 0.2.1 | |
| fedoraproject | sssd | 0.3.0 | |
| fedoraproject | sssd | 0.3.1 | |
| fedoraproject | sssd | 0.3.2 | |
| fedoraproject | sssd | 0.3.3 | |
| fedoraproject | sssd | 0.4.0 | |
| fedoraproject | sssd | 0.4.1 | |
| fedoraproject | sssd | 0.5.0 | |
| fedoraproject | sssd | 0.6.0 | |
| fedoraproject | sssd | 0.6.1 | |
| fedoraproject | sssd | 0.7.0 | |
| fedoraproject | sssd | 0.7.1 | |
| fedoraproject | sssd | 0.99.0 | |
| fedoraproject | sssd | 0.99.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "2BB39CC8-3C50-4A5F-B16F-2E4ADE3BAD5F", versionEndIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.2.1:*:*:*:*:*:*:*", matchCriteriaId: "516466B9-5183-4F5B-A64E-836B365AC015", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5BE12795-5A6C-4EF6-86E1-A04FFEF853B0", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "1BC55E33-CF2F-4749-8CAE-510A35697B87", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.2:*:*:*:*:*:*:*", matchCriteriaId: "F37B00AF-51D5-4FBC-8335-23FB49A2BE97", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2B2D3AAE-5B5B-4737-B24C-873B1B28DDF1", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.0:*:*:*:*:*:*:*", matchCriteriaId: "D55E385B-87E0-4088-878F-0466BF05FC37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.4.1:*:*:*:*:*:*:*", matchCriteriaId: "3E85F048-BEB3-4D35-954E-E4FFF2B7A9F7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.5.0:*:*:*:*:*:*:*", matchCriteriaId: "CB6E070E-DB2B-4AFB-9E80-1061D51E572D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "0C6B15E7-C558-4B8C-9F25-B6B0F7D4DAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F4135B52-D2B0-4B38-AB94-294EDCF65C0D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "6FA1CC29-EDF9-41F7-9EDC-79B7F7DAF232", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "5E096D40-0543-423E-B3DD-21EEFA1760FA", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.0:*:*:*:*:*:*:*", matchCriteriaId: "D519F093-C7E2-4F98-B64E-457B41FC52F8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:0.99.1:*:*:*:*:*:*:*", matchCriteriaId: "F978466E-8AEA-4FA8-AD0F-2798CD5EEF03", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.", }, { lang: "es", value: "System Security Services Daemon (SSSD) anterior a v1.0.1, cuando stá configurado krb5 auth_provider pero el KDC es inalcanzable, permite autenticarse a atacantes próximos físicamente, a través de una contraseña de su elección sobre el programa de bloqueo de pantalla en una estación de trabajo que tiene algún ticket de usuario del tipo Kerberos ticket-granting (TGT); y podría permitir a atacantes remotos evitar las restricciones de acceso establecidas a través de vectores que involucran una contraseña arbitraria en conjunción con un TGT válido.", }, ], id: "CVE-2010-0014", lastModified: "2025-04-09T00:30:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-01-14T18:30:00.513", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38160", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/37747", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/37747", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=553233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-19 14:29
Modified
2024-11-21 03:53
Severity ?
2.5 (Low) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/106264 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106264 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF81911-E3D4-46F8-8994-0FF9F30E3A07", versionEndExcluding: "2.0.0", versionStartIncluding: "1.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the \"allowed_uids\" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.", }, { lang: "es", value: "sssd, desde la versión 1.13.0 hasta antes de la 2.0.0, no restringió correctamente el acceso a la infopipe según el parámetro de configuración \"allowed_uids\". Si se almacena información sensible en el directorio de usuario, esto podría divulgarse de forma inadvertida a los atacantes locales.", }, ], id: "CVE-2018-16883", lastModified: "2024-11-21T03:53:31.620", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-19T14:29:00.283", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106264", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106264", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16883", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-01 17:15
Modified
2025-03-27 15:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "690E7363-ED75-400D-9F2F-5E87BEF9C238", versionEndExcluding: "2.3.1", versionStartIncluding: "1.15.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", matchCriteriaId: "566507B6-AC95-47F7-A3FB-C6F414E45F51", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", matchCriteriaId: "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", matchCriteriaId: "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", matchCriteriaId: "4DF2B9A2-8CA6-4EDF-9975-07265E363ED2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", matchCriteriaId: "7DA6A5AF-2EBE-4ED9-B312-DCD9D150D031", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", matchCriteriaId: "48C2E003-A71C-4D06-B8B3-F93160568182", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters", }, ], id: "CVE-2022-4254", lastModified: "2025-03-27T15:15:41.500", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-01T17:15:09.680", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-4254", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2149894", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/SSSD/sssd/issues/5135", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-4254", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2149894", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/SSSD/sssd/issues/5135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-90", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-90", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2015-10-29 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.10.0 | |
| fedoraproject | sssd | 1.10.1 | |
| fedoraproject | sssd | 1.11.0 | |
| fedoraproject | sssd | 1.11.1 | |
| fedoraproject | sssd | 1.11.2 | |
| fedoraproject | sssd | 1.11.3 | |
| fedoraproject | sssd | 1.11.4 | |
| fedoraproject | sssd | 1.11.5 | |
| fedoraproject | sssd | 1.11.6 | |
| fedoraproject | sssd | 1.11.7 | |
| fedoraproject | sssd | 1.12.0 | |
| fedoraproject | sssd | 1.12.1 | |
| fedoraproject | sssd | 1.12.2 | |
| fedoraproject | sssd | 1.12.3 | |
| fedoraproject | sssd | 1.12.4 | |
| fedoraproject | sssd | 1.12.5 | |
| fedoraproject | sssd | 1.13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.10.0:*:*:*:*:*:*:*", matchCriteriaId: "5AFCDECF-26E1-4B23-A91D-F8DD668DF32A", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "B1590881-C44A-446E-BAF6-5CE59DAF6A66", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.0:*:*:*:*:*:*:*", matchCriteriaId: "C32B676B-97B6-48AA-BE8D-743FE52B4438", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "E963CF03-E0DC-4BEE-AAE3-DF09B2F57767", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "0968753D-BA33-4D0B-849C-FC9B7EBDC70D", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "3B96047C-CA3E-4708-8EB3-F33CD0BE0FE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "FFAD8539-1CEC-454E-BA68-8D8B6033751E", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "81824ADB-8797-45B0-9B83-953F899A00D3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.6:*:*:*:*:*:*:*", matchCriteriaId: "1890E09D-3AD6-4C46-AD2F-C89DCC436C02", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.11.7:*:*:*:*:*:*:*", matchCriteriaId: "8041D271-F9DF-452F-BC4E-9F69B4A0F3A3", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "2783866D-0DE2-4E92-90CB-53DA9B914A21", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "2C7D641D-E018-4EC1-9416-5C788C9F1107", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "4C81F4DF-4190-4D9B-8C1B-CD51B4678B93", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.3:*:*:*:*:*:*:*", matchCriteriaId: "F52B44E7-71AB-4028-B9A3-E80508EF0AE7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.4:*:*:*:*:*:*:*", matchCriteriaId: "68D7CEC8-8D38-451D-B9C3-A68224125906", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.12.5:*:*:*:*:*:*:*", matchCriteriaId: "09EAA45E-0F9E-4E04-BB81-C91E3357B030", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.13.0:*:*:*:*:*:*:*", matchCriteriaId: "9E3A3029-5612-47C4-8F32-0209F4733AF7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.", }, { lang: "es", value: "Fuga de memoria en el plugin en Privilege Attribute Certificate (PAC) responder (sssd_pac_plugin.so) en System Security Services Daemon (SSSD) 1.10 en versiones anteriores a 1.13.1 permite a usuarios remotos autenticados provocar una denegación de servicio (consumo de memoria) a través de un gran número de logins que desencadenan análisis gramaticales de blobs de PAC durante la autenticación Kerberos.", }, ], id: "CVE-2015-5292", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-10-29T16:59:00.117", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-2019.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-2355.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/77529", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034038", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1267580", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/ticket/2803", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169597.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169613.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-2019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-2355.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034038", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1267580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/ticket/2803", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-26 14:29
Modified
2024-11-21 03:42
Severity ?
3.8 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/104547 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3158 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104547 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3158 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| fedoraproject | sssd | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "CACA6508-9BB0-4703-9F8C-F1DCA63D8DD0", versionEndExcluding: "1.16.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.", }, { lang: "es", value: "El pipe de Unix que utiliza sudo para contactar SSSD y leer las reglas sudo disponibles desde SSSD tiene permisos demasiado laxos, lo que significa que cualquiera que pueda enviar un mensaje utilizando el mismo protocolo raw que utilizan sudo y SSSD puede leer reglas sudo disponibles para cualquier usuario. Esto afecta a las versiones SSSD en versiones anteriores a la 1.16.3.", }, ], id: "CVE-2018-10852", lastModified: "2024-11-21T03:42:08.547", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-26T14:29:02.207", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104547", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3158", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104547", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/07/msg00019.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-15 15:29
Modified
2024-11-21 04:42
Severity ?
Summary
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | * | |
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | - | |
| opensuse | leap | 15.0 | |
| opensuse | leap | 42.3 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*", matchCriteriaId: "CE18BF4D-E68C-44E0-9D3C-1221EF2727D7", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", matchCriteriaId: "D3FEADDA-2AEE-4F65-9401-971B585664A8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad en sssd. Si se configura un usuario sin un directorio de inicio establecido, sssd devolvería \"/\" (el directorio root) en lugar de \" \" (cadena vacía/no directorio de inicio). Esto podría impactar sobre los servicios que restringen el acceso al sistema de archivos del usuario a solo su directorio de inicio mediante chroot(), etc. Todas las versiones anteriores a la 2.1 son vulnerables.", }, ], id: "CVE-2019-3811", lastModified: "2024-11-21T04:42:35.407", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 2.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-15T15:29:00.360", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/106644", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/106644", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, { lang: "en", value: "CWE-552", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-05-26 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | sssd | 1.5.0 | |
| fedoraproject | sssd | 1.5.1 | |
| fedoraproject | sssd | 1.5.2 | |
| fedoraproject | sssd | 1.5.3 | |
| fedoraproject | sssd | 1.5.4 | |
| fedoraproject | sssd | 1.5.5 | |
| fedoraproject | sssd | 1.5.6 | |
| fedoraproject | sssd | 1.5.6.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "C38007C8-061C-4D6D-BC6B-83475E165A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D8F39928-292C-4B1E-849F-4CB7534558B7", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "19ACB702-62F5-4614-9CB9-AC07CCEBB399", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0524C067-9992-40F1-BC7A-EE382251151B", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "74298682-9BFF-4F81-B387-BA0B036619E5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "BC55E83E-AAA5-4228-8283-57EBFCE1EEE8", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "AFB0D128-F08B-41C1-B8A1-3FD7845B3F37", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:sssd:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "30FC0A62-9332-46F8-8415-50742BBDFC88", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.", }, { lang: "es", value: "La función krb5_save_ccname_done en providers/krb5/krb5_auth.c en el Security Services Daemon (SSSD) v1.5.x anteriores a v1.5.7 1.5.x, cuando la renovación automática de tickets la autenticación fuera de línea está configurada, utiliza una cadena de ruta como contraseña, lo que permite a usuarios locales eludir la autenticación Kerberos listando el directorio /tmp para obtener la ruta de acceso.", }, ], id: "CVE-2011-1758", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-05-26T18:55:02.237", references: [ { source: "secalert@redhat.com", url: "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2011/04/29/4", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700867", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=700891", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://fedorahosted.org/sssd/ticket/856", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2011/04/29/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=700867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=700891", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://fedorahosted.org/sssd/ticket/856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }