Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-16883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the alloweduids configuration parameter. If sensitive...

5.5CVSS5.7AI score0.00382EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 6 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - sssd versions from 1.13.0 to before...

7.5CVSS7.8AI score0.01519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 7 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sssd: Information leak in infopipe due to an improper uid restriction CVE-2018-16883 Note that Nessus has not teste...

5.5CVSS5.5AI score0.00382EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2021/07/02 6:10 p.m.21 views

Advisory ROSA-SA-2021-1977

Software: sssd 1.16.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-16883 CVE-Crit: MEDIUM CVE-DESC: sssd versions 1.13.0 through 2.0.0 incorrectly restricted access to the information channel according to the "alloweduids" configuration parameter. If sensitive information was stored in a user's directory, it...

5.5CVSS5.6AI score0.00696EPSS
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.12 views

Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)

Mailcleaner - Authenticated Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mailcleaner Remote Code Execution", 'Description' = %q This module exploits the...

0.4AI score
Exploits0
OSV
OSV
added 2018/12/19 2:29 p.m.8 views

CVE-2018-16883

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...

5.5CVSS5.8AI score0.00382EPSS
Exploits0References2
CVE
CVE
added 2018/12/19 2:0 p.m.69 views

CVE-2018-16883

CVE-2018-16883 affects sssd versions 1.13.0 to before 2.0.0. The vulnerability stems from improper restriction of access to the infopipe per the allowed_uids config, potentially exposing sensitive information in the user directory to local attackers. Impact is local, with partial confidentiality ...

5.5CVSS5.1AI score0.00382EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder