28 matches found
MiracleLinux 4 : sssd-1.13.3-60.AXS4, ding-libs-0.4.0-13.AXS4 (AXSA:2018-3221:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3221:01 advisory. sssd: unsanitized input when searching in local cache database CVE-2017-12173 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : sssd-1.15.2-50.el7.8 (AXSA:2017-2463:06)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2463:06 advisory. It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a...
Mageia: Security Advisory (MGASA-2017-0421)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2937-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2018-1273)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 4.05 : sssd Vulnerability (NS-SA-2019-0132)
The remote NewStart CGSL host, running version MAIN 4.05, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...
NewStart CGSL MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0002)
The remote NewStart CGSL host, running version MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...
EulerOS Virtualization for ARM 64 3.0.1.0 : sssd (EulerOS-SA-2019-1411)
According to the versions of the sssd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of...
CVE-2017-12173
It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...
CVE-2017-12173
CVE-2017-12173 affects sssd: the sysdb_search_user_by_upn_res() function did not sanitize requests when querying the local cache, with versions before 1.16.0 vulnerable to injection. In centralized login environments, if a password hash is cached for a user, an authenticated attacker could retrie...
Oracle Linux 6 : sssd / and / ding-libs (ELSA-2018-1877)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1877 advisory. - Resolves: rhbz1507435 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database rhel-6.10 Tenable has extracted the preceding descriptio...
sssd and ding-libs security and bug fix update
ding-libs 0.4.0-13 - Resolves: rhbz1538061 - sssd/libiniconfig cannot parse configuration file with line longer than 5102 0.4.0-12 - Related: rhbz1377213 - ding-libs dont parse lines without an equal sign sssd 1.13.3-60.0.1 - Orabug 26746822 - revert patch 0118 to fix LDAP netgroup lookup problem...
CentOS 6 : ding-libs / sssd (CESA-2018:1877)
An update for sssd and ding-libs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: sssd and ding-libs security and bug fix update
An update for sssd and ding-libs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 6 : sssd and ding-libs (RHSA-2018:1877)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1877 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
Fedora 27 : sssd (2017-39c5f8cd7e)
Security fix for CVE-2017-12173 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
EulerOS 2.0 SP2 : sssd (EulerOS-SA-2017-1325)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...
CentOS 7 : sssd (CESA-2017:3379)
An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
CentOS Errata and Security Advisory CESA-2017:3379 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : sssd on SL7.x x86_64 (20171205)
Security Fixes : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use thi...