EUVD-2015-5269

Malware in sbrugna...

CVE-2012-3462

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context...

sssd security update

2.4.0-9.0.1 - Restore default debug level for ssscache Orabug: 32810448 - Restore default debug level for shadow-utils tools Orabug: 32810448 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 292867...

CentOS Update for sssd CESA-2011:0975 centos5 x86_64

Check for the Version of sssd OpenVAS Vulnerability Test CentOS Update for sssd CESA-2011:0975 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Design/Logic Flaw

The krb5saveccnamedone function in providers/krb5/krb5auth.c in System Security Services Daemon SSSD 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by...