50 matches found
EulerOS 2.0 SP8 : sssd (EulerOS-SA-2023-1610)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - sssd: libssscertmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254 Note that Tenable Network Security has extracted the...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2023-1610)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : sssd (ALAS-2023-1995)
The version of sssd installed on the remote host is prior to 1.16.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1995 advisory. A vulnerability was found in SSSD, in the libssscertmap functionality. PKINIT enables a client to authenticate to the KDC using an...
SUSE SLES12: libipa_hbac-devel / libipa_hbac0 / libsss_certmap0 / etc (SUSE-SU-2023:0301-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0301-1 advisory. - CVE-2022-4254: Fixed a bug in libssscertmap which could allow an attacker to gain control of the admin account and perform a full domain...
CVE-2022-4254
sssd: libssscertmap fails to sanitise certificate data used in LDAP filters...
Design/Logic Flaw
sssd: libssscertmap fails to sanitise certificate data used in LDAP filters...
UBUNTU-CVE-2022-4254
sssd: libssscertmap fails to sanitise certificate data used in LDAP filters...
CVE-2022-4254
CVE-2022-4254 concerns sssd’s libsss_certmap, where certificate data used in LDAP filters is not sanitized, enabling LDAP filter injection. Public disclosures and advisories (e.g., Debian DLA 3436-1/3436-2, ALAS2-2023-1995, ALAS-2023-1723) indicate the issue can lead to privilege escalation or ad...
The vulnerability of the libsss_certmap package from the access control service for remote directories and the sssd authentication mechanism allows a perpetrator to increase their privileges.
The vulnerability of the libssscertmap package, a service for managing access to remote directories and an authentication mechanism for sssd, is related to the inability to clear certificate data when using LDAP filtering. Exploiting this vulnerability could allow a malicious actor to increase...
CVE-2022-4254
sssd: libssscertmap fails to sanitise certificate data used in LDAP filters...
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
CentOS Errata and Security Advisory CESA-2023:0403 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
SUSE SLES12: libipa_hbac0 / libsss_certmap0 / libsss_idmap-devel / libsss_idmap0 / etc (SUSE-SU-2023:0200-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0200-1 advisory. - CVE-2022-4254: Fixed a bug in libssscertmap which could allow an attacker to gain control of the admin account and perform a full domain...
SUSE SLES15: libipa_hbac-devel / libipa_hbac0 / libsss_certmap-devel / etc (SUSE-SU-2023:0204-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0204-1 advisory. - CVE-2022-4254: Fixed a bug in libssscertmap which could allow an attacker to gain control of the admin account and perform a full domain...
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
A vulnerability was found in SSSD, in the libssscertmap functionality. PKINIT enables a client to authenticate to the KDC using an X.509 certificate and the corresponding private key, rather than a passphrase or keytab. FreeIPA uses mapping rules to map a certificate presented during a PKINIT...
Important: Red Hat Security Advisory: sssd security update
An update for sssd is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
CVE-2022-4254
A vulnerability was found in SSSD, in the libssscertmap functionality. PKINIT enables a client to authenticate to the KDC using an X.509 certificate and the corresponding private key, rather than a passphrase or keytab. FreeIPA uses mapping rules to map a certificate presented during a PKINIT...
RHEL 8 : sssd (RHSA-2023:0397)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0397 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
Oracle Linux 7 : sssd (ELSA-2023-0403)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0403 advisory. 1.16.5-10.0.3 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabu...
RHEL 7 : sssd (RHSA-2023:0403)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0403 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
Mageia: Security Advisory (MGASA-2019-0395)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...