Ubuntu 24.04 LTS / 25.10 / 26.04 LTS : SSSD vulnerability (USN-8355-1)

The remote Ubuntu 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8355-1 advisory. It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to...

CentOS 9 : sssd-2.9.9-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.9-1.el9 build changelog. - out-of-bounds read in the sssd CVE-2026-6245 Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVE-2026-6245

CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...

EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1382)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1262)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

MiracleLinux 7 : sssd-1.16.5-10.el7.15 (AXSA:2023-4853:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4853:02 advisory. sssd: libssscertmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254 Tenable has extracted the preceding description block directly from...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.60 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

RockyLinux 9 : sssd (RLSA-2025:20954)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20954 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561 Tenable has extracted the preceding description...

SUSE: Security Advisory (SUSE-SU-2025:4247-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : sssd (RHSA-2025:19852)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19852 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...

RHEL 8 : sssd (RHSA-2025:19610)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19610 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...

Amazon Linux 2 : sssd, --advisory ALAS2-2025-3050 (ALAS-2025-3050)

The version of sssd installed on the remote host is prior to 1.16.5-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3050 advisory. A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default...

EUVD-2019-13434

Malware in sbrugna...

EUVD-2013-0308

Malware in sbrugna...

EUVD-2010-4310

Malware in sbrugna...

EUVD-2011-1757

Malware in sbrugna...

EUVD-2009-2406

Malware in sbrugna...

EUVD-2017-3749

Malware in sbrugna...

NewStart CGSL MAIN 7.02 : sssd Vulnerability (NS-SA-2025-0194)

The remote NewStart CGSL host, running version MAIN 7.02, has sssd packages installed that are affected by a vulnerability: - A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting ...