Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : sssd-1.16.2-13.el7 (AXSA:2019-3678:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3678:01 advisory. sssd: information leak from the sssd-sudo responder CVE-2018-10852 Tenable has extracted the preceding description block directly from the MiracleLinux...

7.5CVSS6.3AI score0.01519EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-10852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a messa...

7.5CVSS6.2AI score0.01519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 6 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - sssd versions from 1.13.0 to before...

7.5CVSS7.8AI score0.01519EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2018-0350)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01519EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/09/09 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-5067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.9AI score0.02524EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/09/08 11:40 a.m.178 views

USN-5067-1: SSSD vulnerabilities

Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...

9.3CVSS6.3AI score0.02524EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2018:2144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01519EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:0081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.01519EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-1193)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01519EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2018-1403)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01519EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.27 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a...

7.5CVSS6.4AI score0.01519EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.22 views

EulerOS Virtualization for ARM 64 3.0.1.0 : sssd (EulerOS-SA-2019-1411)

According to the versions of the sssd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of...

8.8CVSS6.3AI score0.01519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.18 views

EulerOS Virtualization 2.5.4 : sssd (EulerOS-SA-2019-1193)

According to the version of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions...

7.5CVSS6.4AI score0.01519EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.28 views

openSUSE Security Update : sssd (openSUSE-2019-574)

This update for sssd fixes the following security issue : - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenabl...

7.5CVSS6.5AI score0.01519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/07 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2019:0556-1)

This update for sssd fixes the following issues : Security vulnerabilities addressed : Fix fallbackhomedir returning '/' for empty home directories CVE-2019-3811 bsc1121759 Create sockets with right permissions bsc1098377, CVE-2018-10852 Other bug fixes and changes: Install logrotate configuratio...

7.5CVSS6.1AI score0.01519EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2019/01/25 12:0 a.m.28 views

Amazon Linux AMI : sssd (ALAS-2018-1127)

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. CVE-2018-10852 C Tenable Network...

7.5CVSS6.3AI score0.01519EPSS
Exploits0References2
Amazon
Amazon
added 2019/01/22 12:0 a.m.62 views

Low: sssd

Issue Overview: The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. CVE-2018-10852...

7.5CVSS6.6AI score0.01519EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/01/14 12:0 a.m.25 views

openSUSE: Security Advisory for sssd (openSUSE-SU-2019:0051-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.8AI score0.01519EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/14 12:0 a.m.41 views

SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2019:0081-1)

This update for sssd provides the following fixes : This security issue was fixed : CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377 The update package also includes non-security fixes. See advisory for...

7.5CVSS6.5AI score0.01519EPSS
Exploits0References10
OSV
OSV
added 2019/01/11 4:6 p.m.9 views

SUSE-SU-2019:0081-1 Security update for sssd

This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377 These non-security issues were fixed: - Fix a segmentation fault in ssscac...

7.5CVSS7.4AI score0.01519EPSS
Exploits0References9
Rows per page
Query Builder