Advisory ROSA-SA-2026-3218

software: sssd 2.9.7 OS: ROSA-CHROME unaffected versions = sssd-2.9.7-1 affected versions sssd-2.9.7-1 CVE-ID: CVE-2023-3758 BDU-ID: 2024-04108 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remote directory access control service and SSSD authentication mechanism is associated with a race...

EUVD-2017-16508

Malware in sbrugna...

The vulnerability of the access control service for remote catalogs and the SSSD authentication mechanism, related to incorrect authorization, allows a perpetrator to trigger a service failure.

The vulnerability of the access control service for remote catalogs and the SSSD authentication mechanism are related to a status error that causes the GPO policy not to be applied consistently to authenticated users. Exploiting this vulnerability could allow a malicious actor to cause service...

The vulnerability of the access control service for remote catalogs and the authentication mechanism sssd, related to the disclosure of information, allows a perpetrator to gain access to confidential data.

The vulnerability of the access control service for remote catalogs and the authentication mechanism of sssd involve revealing information that allows reading of sudo rules, which are accessible to any user. Exploiting this vulnerability could enable a malicious individual to gain access to...

The vulnerability of the access control service for remote catalogs and the authentication mechanism sssd, related to the transmission of confidential information to unauthorized entities, allows attackers to disclose the protected information.

The vulnerability of the access control service for remote catalogs and the authentication mechanism of sssd is related to the disclosure of information when an unauthorized user is brought back to the sssd’s home directory, allowing access to the file system. Exploiting this vulnerability can...

K99934702: Authconfig vulnerability CVE-2017-7488

Security Advisory Description Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames. CVE2017-7488 Impact There is no impact; F5 products are not affected by this...

K17159: PAM vulnerability CVE-2009-2410

Security Advisory Description The localhandlercallback function in server/responder/pam/pamLOCALdomain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in...

The vulnerability of the libsss_certmap package from the access control service for remote directories and the sssd authentication mechanism allows a perpetrator to increase their privileges.

The vulnerability of the libssscertmap package, a service for managing access to remote directories and an authentication mechanism for sssd, is related to the inability to clear certificate data when using LDAP filtering. Exploiting this vulnerability could allow a malicious actor to increase...

OPENSUSE-SU-2019:1589-1 Security update for sssd

This update for sssd fixes the following issues: Security issue fixed: - CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation bsc1124194. Non-security issues fixed: - Allow defaults sudoRole without sudoUser attribute bsc1135247 - Missing GPOs director...

Information disclosure

Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames...