[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2015:2019-01 -- Redhat sssd

ID: oval:org.secpod.oval:def:501676Date: (C)2015-11-17   (M)2023-07-28
Class: PATCHFamily: unix




The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. It was found that SSSD"s Privilege Attribute Certificate responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in. This update also fixes the following bugs: * Previously, SSSD did not correctly handle sudo rules that applied to groups with names containing special characters, such as the "

Platform:
Red Hat Enterprise Linux 6
Product:
sssd
Reference:
RHSA-2015:2019-01
CVE-2015-5292
CVE    1
CVE-2015-5292
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:sssd:sssd

© SecPod Technologies