Scientific Linux Security Update : sssd on SL6.x i386/x86_64 (20151110)

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

Oracle Linux 6 : sssd (ELSA-2015-2019)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2019 advisory. 1.12.4-47.4 - Resolves: rhbz1268783 - Memory leak / possible DoS with krb auth. 1.12.4-47.3 - Resolves: rhbz1268784 - SSSD POSIX attribute check is too strict...

sssd security and bug fix update

1.12.4-47.4 - Resolves: rhbz1268783 - Memory leak / possible DoS with krb auth. 1.12.4-47.3 - Resolves: rhbz1268784 - SSSD POSIX attribute check is too strict 1.12.4-47.2 - Resolves: rhbz1264098 - cleanupgroups should sanitize dn of groups 1.12.4-47.1 - Resolves: rhbz1258398 - sysdb sudo search...

CVE-2014-4509

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager aka IDM 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters...

CVE-2014-4509

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager aka IDM 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters...