Showing 1 - 1 of 1

CVE-2013-0287

Status Candidate

Overview

The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.

Related Files

Red Hat Security Advisory 2013-0663-01: Posted Mar 20, 2013; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2013-0663-01 - SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides NSS and PAM interfaces toward the system and a pluggable back end system to connect to multiple different account sources. When SSSD was configured as a Microsoft Active Directory client by using the new Active Directory provider, the Simple Access Provider did not handle access control correctly. If any groups were specified with the "simple_deny_groups" option, all users were permitted access.; tags | advisory, remote; systems | linux, redhat; advisories | CVE-2013-0287; SHA-256 | dead9317699f5089b93d69eff067de302f0ed4046e9544a10ea4072f333332b9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2013-0287

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems