Known Vulnerabilities for Sssd by Fedoraproject

Listed below are 10 of the newest known vulnerabilities associated with "Sssd" by "Fedoraproject".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters Not Provided 2023-02-01 2023-02-01
CVE-2019-3811 A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root direc... Not Provided 2019-01-15 2023-02-12
CVE-2018-16883 sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" co... 5.5 - MEDIUM 2018-12-19 2019-10-09
CVE-2018-16838 A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permis... Not Provided 2019-03-25 2023-02-13
CVE-2018-10852 The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which mea... 7.5 - HIGH 2018-06-26 2019-10-09
CVE-2017-12173 It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its lo... 8.8 - HIGH 2018-07-27 2019-10-09
CVE-2017-7488 Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resu... 8.8 - HIGH 2017-05-16 2023-02-12
CVE-2015-5292 Memory leak in the Privilege Attribute Certificate (PAC) responder plugin ( in System Security Services Da... 8.8 - HIGH 2015-10-29 2023-02-13
CVE-2014-0249 The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a ... 3.3 - LOW 2014-06-11 2019-04-22
CVE-2013-0287 The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider ... 3.3 - LOW 2013-03-21 2023-02-13

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language

Popular searches for Sssd

Features/SSSD - Fedora Project Wiki

Features/SSSD - Fedora Project Wiki This project provides a set of daemons to manage access to remote directories and authentication mechanisms, it provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. The SSSD Fedora. The LDAP features will also add support for connection pooling. Configure SSSD J H F to connect to a Fedora Directory Server on this machine or another .

System Security Services Daemon Lightweight Directory Access Protocol Network Security Services FreeIPA Authentication Pluggable authentication module Fedora (operating system) The Fedora Project Front and back ends Wiki User (computing) Daemon (computing) Connection pool Directory (computing) Client (computing) Online and offline 389 Directory Server Plug-in (computing) Network Information Service Cache (computing)

Design/SSSD - Fedora Project Wiki

This is to address bug 578231 that was found during the SSSD By Default test day on 30 March 2010. in the Create home directories for centrally-managed users... checkbox, we dropped the "centrally-managed" word because the setting does not differentiate between centrally-managed and local users. Dropped "Cache user information" from the UI completely because with sssd y w caching and nscd caching there could be unexpected results. User waits for the system to attempt to authenticate them.

User (computing) Authentication System Security Services Daemon Lightweight Directory Access Protocol User interface Cache (computing) The Fedora Project Login Wiki Password Checkbox FreeIPA Kerberos (protocol) Computer configuration Software bug Home directory Server (computing) Network Information Service User information Managed code

© 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license. and Source URL Uptime Status