[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-1758Date: (C)2011-05-26   (M)2023-12-22


The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.7
Exploit Score: 1.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
FEDORA-2011-5815
FEDORA-2011-6279
http://openwall.com/lists/oss-security/2011/04/29/4
https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html
http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a
https://bugzilla.redhat.com/show_bug.cgi?id=700867
https://bugzilla.redhat.com/show_bug.cgi?id=700891
https://fedorahosted.org/sssd/ticket/856
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7

CWE    1
CWE-287
OVAL    2
oval:org.secpod.oval:def:102937
oval:org.secpod.oval:def:102637

© SecPod Technologies