Vulners
Lucene search
Fedora SSSD Kerberos验证安全绕过漏洞
| Reporter | Title | Published | Views | Family All 21 |
|---|---|---|---|---|
 | CVE-2010-0014 | 14 Jan 201018:00 | – | cve |
 | CVE-2010-0014 | 14 Jan 201018:00 | – | cvelist |
 | CVE-2010-0014 | 14 Jan 201018:00 | – | debiancve |
 | EUVD-2010-0046 | 7 Oct 202500:30 | – | euvd |
 | [SECURITY] Fedora 12 Update: sssd-1.2.2-20.fc12 | 2 Sep 201020:41 | – | fedora |
| [SECURITY] Fedora 12 Update: sssd-1.0.1-1.fc12 | 12 Jan 201020:48 | – | fedora |
| [SECURITY] Fedora 11 Update: sssd-1.0.1-1.fc11 | 12 Jan 201020:55 | – | fedora |
 | Fedora 12 : sssd-1.0.1-1.fc12 (2010-0413) | 1 Jul 201000:00 | – | nessus |
| Fedora 11 : sssd-1.0.1-1.fc11 (2010-0451) | 1 Jul 201000:00 | – | nessus |
 | CVE-2010-0014 | 14 Jan 201018:30 | – | nvd |
10
1,设置SSSD系统使用Kerberos进行校验。
2,当SSSD在线时登录。
3,校验用户是否在Kerberos realm中有合法TGT。
4,拔线。
5,锁定显示。
6,用户可以以任何密码解锁。
另外,这可使系统网络存在安全漏洞,如果SSSD在离线状态(或者KDC或身份鉴定服务器不能连接),攻击者可以登录任意拥有合法TGT的帐户。
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 Jan 2010 00:00Current
6.4Medium risk
Vulners AI Score6.4
EPSS0.00686