Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1758

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2011-1758
Last Modified 27 May 2011 12:00:00
Published 26 May 2011 02:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2011-1758

Summary

The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.

Vulnerable Systems

Application

  • Fedoraproject Sssd 1.5.0

  • Fedoraproject Sssd 1.5.1

  • Fedoraproject Sssd 1.5.2

  • Fedoraproject Sssd 1.5.3

  • Fedoraproject Sssd 1.5.4

  • Fedoraproject Sssd 1.5.5

  • Fedoraproject Sssd 1.5.6

  • Fedoraproject Sssd 1.5.6.1


References

CONFIRM - https://fedorahosted.org/sssd/ticket/856

MLIST - [sssd-devel] 20110429 SSSD Security Release 1.5.7

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=700867

MLIST - [oss-security] 20110429 vulnerability in sssd 1.5.0+ (CVE-2011-1758)

CONFIRM - http://git.fedorahosted.org/git/?p=sssd.git;a=commit;h=fffdae81651b460f3d2c119c56d5caa09b4de42a

CONFIRM - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=700891

FEDORA - FEDORA-2011-5815

FEDORA - FEDORA-2011-6279


Last Updated: 27 May 2016 10:56:47