
60 matches found

Veracode
added 2019/01/15 9:26 a.m., 19 views

Information Disclosure

sssd is vulnerable to information disclosure. The set of sudo rules in SSSD-sudo responder is configured with insecure permissions which would allow any user using the same raw protocol to read sudo rules for any user...

CVSS 7.5, AI score 7.1, EPSS 0.01519
Exploits 0, References 31, Affected Software 2

Tenable Nessus
added 2019/01/02 12:0 a.m., 34 views

SUSE SLED15 / SLES15 Security Update : sssd (SUSE-SU-2018:2144-1)

This update for sssd fixes the following security issue : - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377. Note that Tenable Network Security has extracted the preceding description block directly from th...

CVSS 7.5, AI score 6.5, EPSS 0.01519
Exploits 0, References 5

Amazon
added 2018/12/13 12:0 a.m., 41 views

Low: sssd

Issue Overview: The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user.CVE-2018-10852...

CVSS 7.5, AI score 6.6, EPSS 0.01519
Exploits 0

RedHat Linux
added 2018/10/30 3:0 p.m., 21 views

sssd: information leak from the sssd-sudo responder

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user...

CVSS 7.5, AI score 7.1, EPSS 0.01519
Exploits 0, References 5

OpenVAS
added 2018/10/26 12:0 a.m., 18 views

openSUSE: Security Advisory for sssd (openSUSE-SU-2018:2289-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5, AI score 7.8, EPSS 0.01519
Exploits 0, References 2

OSV
added 2018/07/30 4:11 p.m., 5 views

SUSE-SU-2018:2144-1 Security update for sssd

This update for sssd fixes the following security issue: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377...

CVSS 7.5, AI score 7.5, EPSS 0.01519
Exploits 0, References 4

CNVD
added 2018/06/28 12:0 a.m., 1 views

SSSD Information Disclosure Vulnerability

SSSD is a daemon for managing access to remote directories and authentication mechanisms. A security vulnerability exists in SSSD that stems from the program's failure to restrict the privileges of the UNIX pipe. An attacker can exploit the vulnerability by sending a message to read sudo rules...

CVSS 7.5, AI score 6.3, EPSS 0.01519
Exploits 0, References 1

OSV
added 2018/06/26 2:29 p.m., 2 views

DEBIAN-CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD befor...

CVSS 7.5, AI score 6.1, EPSS 0.01519
Exploits 0, References 1

OSV
added 2018/06/26 2:29 p.m., 5 views

CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD befor...

CVSS 7.5, AI score 7.3, EPSS 0.01519
Exploits 0, References 4

OSV
added 2018/06/26 2:29 p.m., 1 views

UBUNTU-CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD befor...

CVSS 7.5, AI score 6.7, EPSS 0.01519
Exploits 0, References 4

RedhatCVE
added 2018/06/26 3:18 a.m., 32 views

CVE-2018-10852

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user...

CVSS 7.5, AI score 0.8, EPSS 0.01519
Exploits 0, References 2

Tenable Nessus
added 2016/10/27 12:0 a.m., 29 views

openSUSE Security Update : sssd (openSUSE-2016-1238)

This update for sssd fixes one security issue and three bugs. The following vulnerability was fixed : - CVE-2014-0249: Incorrect expansion of group membership when encountering a non-POSIX group. bsc880245 The following non-security fixes were also included : - Prevent crashes of statically linke...

CVSS 3.3, AI score 7.1, EPSS 0.00344
Exploits 0, References 5

Tenable Nessus
added 2016/10/26 12:0 a.m., 33 views

SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2016:2579-1)

This update for sssd fixes one security issue and three bugs. The following vulnerability was fixed : - CVE-2014-0249: Incorrect expansion of group membership when encountering a non-POSIX group. bsc880245 The following non-security fixes were also included : - Prevent crashes of statically linke...

CVSS 3.3, AI score 7.2, EPSS 0.00344
Exploits 0, References 7

Tenable Nessus
added 2015/12/22 12:0 a.m., 31 views

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

CVSS 6.8, AI score 7.1, EPSS 0.03666
Exploits 0, References 2

Cent OS
added 2015/11/30 7:52 p.m., 67 views

libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update

CentOS Errata and Security Advisory CESA-2015:2355 Updated sssd packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability...

CVSS 6.8, AI score 7, EPSS 0.03666
Exploits 0, References 7

OpenVAS
added 2015/11/11 12:0 a.m., 20 views

RedHat Update for sssd RHSA-2015:2019-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8, AI score 6.5, EPSS 0.03666
Exploits 0, References 2

OpenVAS
added 2015/11/11 12:0 a.m., 27 views

CentOS Update for libipa_hbac CESA-2015:2019 centos6

Check the version of libipahbac SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882323";...

CVSS 6.8, AI score 7.2, EPSS 0.03666
Exploits 0, References 2

Cent OS
added 2015/11/10 1:43 p.m., 57 views

libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update

CentOS Errata and Security Advisory CESA-2015:2019 Updated sssd packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...

CVSS 6.8, AI score 7, EPSS 0.03666
Exploits 0, References 7

Tenable Nessus
added 2015/08/04 12:0 a.m., 28 views

Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20150722)

It was discovered that sudo did not perform any checks of the TZ environment variable value. If sudo was configured to preserve the TZ environment variable, a local user with privileges to execute commands via sudo could possibly use this flaw to achieve system state changes not permitted by the...

CVSS 3.3, AI score 5.8, EPSS 0.0047
Exploits 1, References 2

OpenVAS
added 2015/07/23 12:0 a.m., 21 views

RedHat Update for sudo RHSA-2015:1409-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.3, AI score 4.3, EPSS 0.0047
Exploits 1, References 2