726 matches found
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2021-2675)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : sssd (EulerOS-SA-2021-2699)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. Thi...
EulerOS 2.0 SP9 : sssd (EulerOS-SA-2021-2724)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. Thi...
EulerOS 2.0 SP5 : sssd (EulerOS-SA-2021-2675)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. Thi...
Updated sssd packages fix security vulnerability
Shell command injection in sssctl. CVE-2021-3621...
MGASA-2021-0502 Updated sssd packages fix security vulnerability
Shell command injection in sssctl. CVE-2021-3621...
CVE-2021-42372
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...
CVE-2021-42372
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...
Command injection
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...
EUVD-2021-29343
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...
CVE-2021-42372
CVE-2021-42372 affects XoruX LPAR2RRD and STOR2RRD prior to version 7.30. The underlying issue is a shell command injection in the HW Events SNMP community, allowing authenticated remote attackers to execute arbitrary shell commands as the service user. Red Hat and other sources confirm the affec...
CVE-2021-42372
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2021-2646)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : sssd (ALAS-2021-1715)
The version of sssd installed on the remote host is prior to 1.16.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1715 advisory. A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire...
Important: sssd
Issue Overview: A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access...
Amazon Linux AMI : sssd (ALAS-2021-1542)
The version of sssd installed on the remote host is prior to 1.16.4-21.26. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1542 advisory. A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire...
SUSE-RU-2021:3185-1 Recommended update for sssd
This update for sssd fixes the following issues: - Fix a dependency loop by moving internal libraries to sssd-common package. bsc1182058 - Moved sssctl command from sssd to sssd-tools package. bsc1184289 - Create timestamp attribute in cache objects if missing. bsc1182637 - Fix watchdog not...
Debian DLA-2758-1 : sssd - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2758 advisory. - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. This flaw allows an attacke...
CentOS 8 : sssd (CESA-2021:3151)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3151 advisory. - sssd: shell command injection in sssctl CVE-2021-3621 Note that Nessus has not tested for this issue but has instead relied only on the application's...
SUSE: Security Advisory (SUSE-SU-2021:2941-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...