Sssd@1.3.0 Security Vulnerabilities and Issues — Sssd@1.3.0 CVE List

Lucene search

FedoraprojectSssd1.3.0

4 matches found

CVE•added 2011/01/25 1:0 a.m.•99 views

CVE-2010-4341

The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.

2.1CVSS5.8AI score0.00166EPSS

CVE•added 2013/02/24 7:55 p.m.•71 views

CVE-2013-0219

System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.

3.7CVSS6.1AI score0.00064EPSS

CVE•added 2013/02/24 7:55 p.m.•62 views

CVE-2013-0220

The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of servi...

5CVSS6.3AI score0.01922EPSS

CVE•added 2010/08/30 8:0 p.m.•46 views

CVE-2010-2940

The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.

5.1CVSS6.7AI score0.00237EPSS