MiracleLinux 7 : sssd-1.16.4-21.el7 (AXSA:2019-4334:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4334:02 advisory. sssd: fallbackhomedir returns '/' for empty home directories in passwd file CVE-2019-3811 sssd: improper implementation of GPOs due to too restricti...

Linux Distros Unpatched Vulnerability : CVE-2019-3811

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' the root directory instead of '' the empty string ...

RHEL 6 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - sssd versions from 1.13.0 to before...

Oracle Linux 7 : sssd (ELSA-2019-2177)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2177 advisory. - Resolves: rhbz1660874 - CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions rhel-7 Tenable has extracted the...

[SECURITY] [DLA 3436-1] sssd security update

Debian LTS Advisory DLA-3436-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 29, 2023 https://wiki.debian.org/LTS Package : sssd Version : 1.16.3-3.2+deb10u1 CVE ID : CVE-2018-16838 CVE-2019-3811 CVE-2021-3621 CVE-2022-4254 Debian Bug : 919051 931432 992710...

Mageia: Security Advisory (MGASA-2019-0152)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5067-1: SSSD vulnerabilities

Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...

Advisory ROSA-SA-2021-1977

Software: sssd 1.16.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-16883 CVE-Crit: MEDIUM CVE-DESC: sssd versions 1.13.0 through 2.0.0 incorrectly restricted access to the information channel according to the "alloweduids" configuration parameter. If sensitive information was stored in a user's directory, it...

SUSE: Security Advisory (SUSE-SU-2019:0542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0805-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-2052)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-1660)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sssd Multiple Vulnerabilities (NS-SA-2019-0241)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sssd packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' the root directory instead of '' the emp...

Amazon Linux 2 : sssd (ALAS-2019-1343)

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.CVE-2018-16838 A vulnerability was found in sssd where, if a us...

Medium: sssd

Issue Overview: A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.CVE-2018-16838 A vulnerability was found in sss...

libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update

CentOS Errata and Security Advisory CESA-2019:2177 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : sssd (CESA-2019:2177)

An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Scientific Linux Security Update : sssd on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: sssd 1.16.4. Security Fixes : - sssd: fallbackhomedir returns '/' for empty home directories in passwd file CVE-2019-3811 - sssd: improper implementation of GPOs due to too restrictive permissions CVE-2018-16838 C Tenable...

RHEL 7 : sssd (RHSA-2019:2177)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2177 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication...