Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : sssd-1.13.3-60.AXS4, ding-libs-0.4.0-13.AXS4 (AXSA:2018-3221:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3221:01 advisory. sssd: unsanitized input when searching in local cache database CVE-2017-12173 Tenable has extracted the preceding description block directly from the...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : sssd-1.15.2-50.el7.8 (AXSA:2017-2463:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2463:06 advisory. It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2017-0421)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01499EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2017:2937-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2018-1273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.42 views

NewStart CGSL MAIN 4.05 : sssd Vulnerability (NS-SA-2019-0132)

The remote NewStart CGSL host, running version MAIN 4.05, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.22 views

NewStart CGSL MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0002)

The remote NewStart CGSL host, running version MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.22 views

EulerOS Virtualization for ARM 64 3.0.1.0 : sssd (EulerOS-SA-2019-1411)

According to the versions of the sssd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of...

8.8CVSS6.3AI score0.01519EPSS
Exploits0References3
OSV
OSV
added 2018/07/27 4:29 p.m.9 views

CVE-2017-12173

It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...

8.8CVSS8.6AI score0.01499EPSS
Exploits0References3
CVE
CVE
added 2018/07/27 4:0 p.m.361 views

CVE-2017-12173

CVE-2017-12173 affects sssd: the sysdb_search_user_by_upn_res() function did not sanitize requests when querying the local cache, with versions before 1.16.0 vulnerable to injection. In centralized login environments, if a password hash is cached for a user, an authenticated attacker could retrie...

8.8CVSS8.4AI score0.01499EPSS
Exploits0References3Affected Software5
Tenable Nessus
Tenable Nessus
added 2018/06/27 12:0 a.m.34 views

Oracle Linux 6 : sssd / and / ding-libs (ELSA-2018-1877)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1877 advisory. - Resolves: rhbz1507435 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database rhel-6.10 Tenable has extracted the preceding descriptio...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2018/06/25 12:0 a.m.56 views

sssd and ding-libs security and bug fix update

ding-libs 0.4.0-13 - Resolves: rhbz1538061 - sssd/libiniconfig cannot parse configuration file with line longer than 5102 0.4.0-12 - Related: rhbz1377213 - ding-libs dont parse lines without an equal sign sssd 1.13.3-60.0.1 - Orabug 26746822 - revert patch 0118 to fix LDAP netgroup lookup problem...

8.8CVSS1.3AI score0.01499EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/06/22 12:0 a.m.43 views

CentOS 6 : ding-libs / sssd (CESA-2018:1877)

An update for sssd and ding-libs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/06/19 4:59 a.m.83 views

Moderate: Red Hat Security Advisory: sssd and ding-libs security and bug fix update

An update for sssd and ding-libs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/06/19 12:0 a.m.63 views

RHEL 6 : sssd and ding-libs (RHSA-2018:1877)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1877 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.22 views

Fedora 27 : sssd (2017-39c5f8cd7e)

Security fix for CVE-2017-12173 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.27 views

EulerOS 2.0 SP2 : sssd (EulerOS-SA-2017-1325)

According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/07 12:0 a.m.38 views

CentOS 7 : sssd (CESA-2017:3379)

An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

8.8CVSS6.6AI score0.01499EPSS
Exploits0References2
Cent OS
Cent OS
added 2017/12/06 1:24 p.m.105 views

libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update

CentOS Errata and Security Advisory CESA-2017:3379 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.7AI score0.01499EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/12/06 12:0 a.m.30 views

Scientific Linux Security Update : sssd on SL7.x x86_64 (20171205)

Security Fixes : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use thi...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Rows per page
Query Builder