7 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16883
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the alloweduids configuration parameter. If sensitive...
RHEL 6 : sssd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - sssd versions from 1.13.0 to before...
RHEL 7 : sssd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sssd: Information leak in infopipe due to an improper uid restriction CVE-2018-16883 Note that Nessus has not teste...
Advisory ROSA-SA-2021-1977
Software: sssd 1.16.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-16883 CVE-Crit: MEDIUM CVE-DESC: sssd versions 1.13.0 through 2.0.0 incorrectly restricted access to the information channel according to the "alloweduids" configuration parameter. If sensitive information was stored in a user's directory, it...
Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)
Mailcleaner - Authenticated Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mailcleaner Remote Code Execution", 'Description' = %q This module exploits the...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
CVE-2018-16883 affects sssd versions 1.13.0 to before 2.0.0. The vulnerability stems from improper restriction of access to the infopipe per the allowed_uids config, potentially exposing sensitive information in the user directory to local attackers. Impact is local, with partial confidentiality ...