Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-5292
HistoryOct 29, 2015 - 12:00 a.m.

CVE-2015-5292

2015-10-2900:00:00
ubuntu.com
ubuntu.com
11

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.014 Low

EPSS

Percentile

86.8%

JSON

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin
(sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before
1.13.1 allows remote authenticated users to cause a denial of service
(memory consumption) via a large number of logins that trigger parsing of
PAC blobs during Kerberos authentication.

Bugs

Notes

Author Note
sbeattie according to debian, the responder part is not built, so might not be affected

Related

nessus 13
openvas 7
centos 2
veracode 1
cvelist 1
nvd 1
cve 1
oraclelinux 2
redhat 2
f5 1
fedora 3
debiancve 1
amazon 1
prion 1
nessus
nessus
CentOS 7 : sssd (CESA-2015:2355)
2015-12-02 00:00:00
Amazon Linux AMI : sssd (ALAS-2016-635)
2016-01-19 00:00:00
CentOS 6 : sssd (CESA-2015:2019)
2015-11-11 00:00:00
openvas
openvas
CentOS Update for libipa_hbac CESA-2015:2019 centos6
2015-11-11 00:00:00
RedHat Update for sssd RHSA-2015:2355-01
2015-11-20 00:00:00
RedHat Update for sssd RHSA-2015:2019-01
2015-11-11 00:00:00
centos
centos
libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update
2015-11-10 13:43:26
libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update
2015-11-30 19:52:40
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:08:22
cvelist
cvelist
CVE-2015-5292
2015-10-29 16:00:00
nvd
nvd
CVE-2015-5292
2015-10-29 16:59:00
cve
cve
CVE-2015-5292
2015-10-29 16:59:00
oraclelinux
oraclelinux
sssd security and bug fix update
2015-11-10 00:00:00
sssd security, bug fix, and enhancement update
2015-11-24 00:00:00
redhat
redhat
(RHSA-2015:2019) Low: sssd security and bug fix update
2015-11-10 00:00:00
(RHSA-2015:2355) Low: sssd security, bug fix, and enhancement update
2015-11-19 13:37:40
f5
f5
K48523069 : System Security Services Daemon vulnerability CVE-2015-5292
2017-09-13 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: sssd-1.13.1-2.fc23
2015-10-11 16:08:12
[SECURITY] Fedora 22 Update: sssd-1.13.1-2.fc22
2015-10-20 01:56:37
[SECURITY] Fedora 21 Update: sssd-1.12.5-4.fc21
2015-10-20 02:54:52
debiancve
debiancve
CVE-2015-5292
2015-10-29 16:59:00
amazon
amazon
Low: sssd
2016-01-18 11:00:00
prion
prion
Authentication flaw
2015-10-29 16:59:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.014 Low

EPSS

Percentile

86.8%

JSON
Related for UB:CVE-2015-5292
nessus13openvas7centos2veracode1cvelist1nvd1cve1oraclelinux2redhat2f51fedora3debiancve1amazon1prion1