7 matches found
SUSE CVE-2017-12173
It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...
NewStart CGSL MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0002)
The remote NewStart CGSL host, running version MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...
NewStart CGSL MAIN 4.05 : sssd Vulnerability (NS-SA-2019-0132)
The remote NewStart CGSL host, running version MAIN 4.05, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...
Information Disclosure
sssd is vulnerable to information disclosure attacks. The vulnerability exists as it was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash...
Medium: sssd
Issue Overview: Unsanitized input when searching in local cache database It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for...
EulerOS 2.0 SP2 : sssd (EulerOS-SA-2017-1325)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...
EulerOS 2.0 SP1 : sssd (EulerOS-SA-2017-1324)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...