CPE-10511ECA-FBEB-4086-A14C-7F09F88B93C2 Detail

CPE Details

Fedora SSSD - System Security Services Daemon 1.9.3

Vendor

fedoraproject

Product

sssd

Version

1.9.3

Created

2013-02-25
18h29 +00:00

Modified

2013-03-07
17h45 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:fedoraproject:sssd:1.9.3:::::::*

Informations

Vendor

fedoraproject

Product

sssd

Version

1.9.3

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2019-3811	2019-01-15 15h00 +00:00	A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.	5.2	Medium
CVE-2017-12173	2018-07-27 14h00 +00:00	It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.	8.8	High
CVE-2018-10852	2018-06-26 12h00 +00:00	The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.	7.5	High
CVE-2013-0287	2013-03-21 15h00 +00:00	The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.	4.9
CVE-2013-0220	2013-02-24 19h00 +00:00	The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.	5
CVE-2013-0219	2013-02-24 18h00 +00:00	System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.	3.7

Fedora SSSD - System Security Services Daemon 1.9.3

CPE Details

CPE Name: cpe:2.3:a:fedoraproject:sssd:1.9.3:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:fedoraproject:sssd:1.9.3:::::::*