Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0220

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-0220
Last Modified 27 Feb 2013 02:50:57
Published 24 Feb 2013 02:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0220

Summary

The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 6

Application

  • Fedoraproject Sssd 0.2.1

  • Fedoraproject Sssd 0.3.0

  • Fedoraproject Sssd 0.3.1

  • Fedoraproject Sssd 0.3.2

  • Fedoraproject Sssd 0.3.3

  • Fedoraproject Sssd 0.4.0

  • Fedoraproject Sssd 0.4.1

  • Fedoraproject Sssd 0.5.0

  • Fedoraproject Sssd 0.6.0

  • Fedoraproject Sssd 0.6.1

  • Fedoraproject Sssd 0.7.0

  • Fedoraproject Sssd 0.7.1

  • Fedoraproject Sssd 0.99.0

  • Fedoraproject Sssd 0.99.1

  • Fedoraproject Sssd 1.0.0

  • Fedoraproject Sssd 1.0.1

  • Fedoraproject Sssd 1.0.2

  • Fedoraproject Sssd 1.0.3

  • Fedoraproject Sssd 1.0.4

  • Fedoraproject Sssd 1.0.5

  • Fedoraproject Sssd 1.0.6

  • Fedoraproject Sssd 1.0.99

  • Fedoraproject Sssd 1.1.0

  • Fedoraproject Sssd 1.1.1

  • Fedoraproject Sssd 1.1.2

  • Fedoraproject Sssd 1.1.91

  • Fedoraproject Sssd 1.1.92

  • Fedoraproject Sssd 1.2.0

  • Fedoraproject Sssd 1.2.1

  • Fedoraproject Sssd 1.2.2

  • Fedoraproject Sssd 1.2.3

  • Fedoraproject Sssd 1.2.4

  • Fedoraproject Sssd 1.2.91

  • Fedoraproject Sssd 1.3.0

  • Fedoraproject Sssd 1.3.1

  • Fedoraproject Sssd 1.4.0

  • Fedoraproject Sssd 1.4.1

  • Fedoraproject Sssd 1.5.0

  • Fedoraproject Sssd 1.5.1

  • Fedoraproject Sssd 1.5.10

  • Fedoraproject Sssd 1.5.11

  • Fedoraproject Sssd 1.5.12

  • Fedoraproject Sssd 1.5.13

  • Fedoraproject Sssd 1.5.14

  • Fedoraproject Sssd 1.5.15

  • Fedoraproject Sssd 1.5.16

  • Fedoraproject Sssd 1.5.17

  • Fedoraproject Sssd 1.5.2

  • Fedoraproject Sssd 1.5.3

  • Fedoraproject Sssd 1.5.4

  • Fedoraproject Sssd 1.5.5

  • Fedoraproject Sssd 1.5.6

  • Fedoraproject Sssd 1.5.6.1

  • Fedoraproject Sssd 1.5.7

  • Fedoraproject Sssd 1.5.8

  • Fedoraproject Sssd 1.5.9

  • Fedoraproject Sssd 1.6.0

  • Fedoraproject Sssd 1.6.1

  • Fedoraproject Sssd 1.6.2

  • Fedoraproject Sssd 1.6.3

  • Fedoraproject Sssd 1.6.4

  • Fedoraproject Sssd 1.7.0

  • Fedoraproject Sssd 1.8.0

  • Fedoraproject Sssd 1.8.1

  • Fedoraproject Sssd 1.8.2

  • Fedoraproject Sssd 1.8.3

  • Fedoraproject Sssd 1.8.4

  • Fedoraproject Sssd 1.8.5

  • Fedoraproject Sssd 1.8.6

  • Fedoraproject Sssd 1.9.0

  • Fedoraproject Sssd 1.9.1

  • Fedoraproject Sssd 1.9.2

  • Fedoraproject Sssd 1.9.3


References

CONFIRM - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4

CONFIRM - https://fedorahosted.org/sssd/ticket/1781

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=884601

BID - 57539

SECUNIA - 52315

SECUNIA - 51928

REDHAT - RHSA-2013:0508

FEDORA - FEDORA-2013-1826

FEDORA - FEDORA-2013-1795

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325


Last Updated: 27 May 2016 11:01:57