Lucene search
K

78 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.6 views

SUSE CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS6.4AI score0.00486EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.5 views

SUSE CVE-2011-1758

The krb5saveccnamedone function in providers/krb5/krb5auth.c in System Security Services Daemon SSSD 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by...

3.7CVSS6.8AI score0.00338EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.2 views

SUSE CVE-2013-0219

System Security Services Daemon SSSD before 1.9.4, when 1 creating, 2 copying, or 3 removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files...

3.7CVSS6.7AI score0.00366EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/08/31 9:28 a.m.6 views

sssd: shell command injection in sssctl

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

9.3CVSS5.7AI score0.02524EPSS
Exploits0References4
OSV
OSV
added 2019/12/26 9:15 p.m.4 views

UBUNTU-CVE-2012-3462

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context...

8.8CVSS7.2AI score0.01607EPSS
Exploits1References3
CNVD
CNVD
added 2019/01/17 12:0 a.m.2 views

SSSD Information Disclosure Vulnerability (CNVD-2019-02525)

SSSD is a daemon for managing access to remote directories and authentication mechanisms. An information disclosure vulnerability exists in versions of SSSD prior to 2.1, which can be exploited by an attacker to disclose information...

5.2CVSS6.5AI score0.00696EPSS
Exploits0References1
OSV
OSV
added 2019/01/15 3:29 p.m.5 views

UBUNTU-CVE-2019-3811

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' the root directory instead of '' the empty string / no home directory. This could impact services that restrict the user's filesystem access to within their home directory through chroot...

5.2CVSS6AI score0.00696EPSS
Exploits0References3
OSV
OSV
added 2018/12/19 2:29 p.m.5 views

UBUNTU-CVE-2018-16883

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...

5.5CVSS6.2AI score0.00382EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/10/30 3:0 p.m.46 views

sssd: information leak from the sssd-sudo responder

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user...

7.5CVSS7.1AI score0.01519EPSS
Exploits0References5
OSV
OSV
added 2018/07/27 4:29 p.m.1 views

DEBIAN-CVE-2017-12173

It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References1
OSV
OSV
added 2018/06/26 2:29 p.m.3 views

DEBIAN-CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD befor...

7.5CVSS6.1AI score0.01519EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/06/19 4:59 a.m.43 views

sssd: unsanitized input when searching in local cache database

It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve ...

8.8CVSS5.8AI score0.01499EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/11/10 1:0 p.m.3 views

sssd: memory leak in the sssd_pac_plugin

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

6.8CVSS7.2AI score0.03666EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/05 10:5 a.m.4 views

sssd: incorrect expansion of group membership when encountering a non-POSIX group

The System Security Services Daemon SSSD 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors...

3.3CVSS7.1AI score0.00341EPSS
Exploits0References4
OSV
OSV
added 2014/06/11 2:55 p.m.3 views

UBUNTU-CVE-2014-0249

The System Security Services Daemon SSSD 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors...

3.3CVSS7.1AI score0.00341EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2014/04/28 12:0 a.m.1 views

PT-2015-6836 · Red Hat +2 · Sssd +3

Name of the Vulnerable Software and Affected Versions: System Security Services Daemon SSSD versions 1.10 through 1.13.0 Description: The issue is related to a memory leak in the Privilege Attribute Certificate PAC responder plugin, which can be triggered by remote authenticated users through a...

6.8CVSS7AI score0.03666EPSS
Exploits0References39
OSV
OSV
added 2013/03/21 4:55 p.m.10 views

UBUNTU-CVE-2013-0287

The Simple Access Provider in System Security Services Daemon SSSD 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simpledenygroups option, which allows remote authenticated users to bypass intended access restrictions...

4.9CVSS5.8AI score0.02154EPSS
Exploits0References3
OSV
OSV
added 2013/02/24 7:55 p.m.2 views

DEBIAN-CVE-2013-0220

The 1 sssautofscmdgetautomntent and 2 sssautofscmdgetautomntbyname function in responder/autofs/autofssrvcmd.c and the 3 sshcmdparserequest function in responder/ssh/sshsrvcmd.c in System Security Services Daemon SSSD before 1.9.4 allow remote attackers to cause a denial of service out-of-bounds...

5CVSS6.8AI score0.03324EPSS
Exploits0References1
Rows per page
Query Builder