NewStart CGSL CORE 5.04 / MAIN 5.04 : authconfig Vulnerability (NS-SA-2021-0048)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has authconfig packages installed that are affected by a vulnerability: - Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of...

Huawei EulerOS: Security Advisory for authconfig (EulerOS-SA-2017-1196)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in authconfig affects PowerKVM

Summary PowerKVM is affected by a vulnerability in authconfig. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-7488 DESCRIPTION: Authconfig could allow a remote attacker to obtain sensitive information, caused by a flaw when using SSSD to perform authentication. By...

EulerOS 2.0 SP2 : authconfig (EulerOS-SA-2017-1196)

According to the version of the authconfig packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information o...

EulerOS 2.0 SP1 : authconfig (EulerOS-SA-2017-1195)

According to the version of the authconfig packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information o...

Amazon Linux AMI : authconfig (ALAS-2017-875)

Information leak when SSSD is used for authentication against remote server : A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information on existence of a user. An attacker with physical or network access to the...

CentOS 7 : authconfig (CESA-2017:2285)

An update for authconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Scientific Linux Security Update : authconfig on SL7.x x86_64 (20170801)

Security Fixes : - A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information on existence of a user. An attacker with physical or network access to the machine could enumerate users via a timing attack...

Oracle Linux 7 : authconfig (ELSA-2017-2285)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2285 advisory. - fix typo in the patch for CVE-2017-7488 1441604 - CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server 144160...

authconfig security, bug fix, and enhancement update

6.2.8-30 - do not use /usr and LIBDIR together 1455233 6.2.8-29 - update translations 1449625 6.2.8-28 - ignore PAMIGNORE for pamsucceedif so application do not fail in pamsetcred 1450425 6.2.8-27 - fix typo in the patch for CVE-2017-7488 1441604 6.2.8-26 - CVE-2017-7488 authconfig: Information...

RedHat Update for authconfig RHSA-2017:2285-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : authconfig (RHSA-2017:2285)

An update for authconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2017-7488

Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames...

CVE-2017-7488

CVE-2017-7488 affects Authconfig 6.2.8, where using SSSD to authenticate against a remote server can leak information about existing usernames. The issue is described across multiple advisories (Red Hat/CentOS Amazon Linux, MiracleLinux, EulerOS, NewStart CGSL) as an information exposure in the S...