 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.123698 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2013-0508) |
| Summary: | The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-0508 advisory. |
| Description: | Summary: The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-0508 advisory. Vulnerability Insight: [1.9.2-82] - Resolves: rhbz#888614 - Failure in memberof can lead to failed database update [1.9.2-81] - Resolves: rhbz#903078 - TOCTOU race conditions by copying and removing directory trees [1.9.2-80] - Resolves: rhbz#903078 - Out-of-bounds read flaws in autofs and ssh services responders [1.9.2-79] - Resolves: rhbz#902716 - Rule mismatch isn't noticed before smart refresh on ppc64 and s390x [1.9.2-78] - Resolves: rhbz#896476 - SSSD should warn when pam_pwd_expiration_warning value is higher than passwordWarning LDAP attribute. [1.9.2-77] - Resolves: rhbz#902436 - possible segfault when backend callback is removed [1.9.2-76] - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not reflected in memory cache [1.9.2-75] - Resolves: rhbz#894302 - sssd fails to update to changes on autofs maps [1.9.2-74] - Resolves: rhbz894381 - memory cache is not updated after user is deleted from ldb cache [1.9.2-73] - Resolves: rhbz895615 - ipa-client-automount: autofs failed in s390x and ppc64 platform [1.9.2-72] - Resolves: rhbz#894997 - sssd_be crashes looking up members with groups outside the nesting limit [1.9.2-71] - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not reflected in memory cache [1.9.2-70] - Resolves: rhbz#894428 - wrong filter for autofs maps in sss_cache [1.9.2-69] - Resolves: rhbz#894738 - Failover to ldap_chpass_backup_uri doesn't work [1.9.2-68] - Resolves: rhbz#887961 - AD provider: getgrgid removes nested group memberships [1.9.2-67] - Resolves: rhbz#878583 - IPA Trust does not show secondary groups for AD Users for commands like id and getent [1.9.2-66] - Resolves: rhbz#874579 - sssd caching not working as expected for selinux usermap contexts [1.9.2-65] - Resolves: rhbz#892197 - Incorrect principal searched for in keytab [1.9.2-64] - Resolves: rhbz#891356 - Smart refresh doesn't notice 'defaults' addition with OpenLDAP [1.9.2-63] - Resolves: rhbz#878419 - sss_userdel doesn't remove entries from in-memory cache [1.9.2-62] - Resolves: rhbz#886848 - user id lookup fails for case sensitive users using proxy provider [1.9.2-61] - Resolves: rhbz#890520 - Failover to krb5_backup_kpasswd doesn't work [1.9.2-60] - Resolves: rhbz#874618 - sss_cache: fqdn not accepted [1.9.2-59] - Resolves: rhbz#889182 - crash in memory cache [1.9.2-58] - Resolves: rhbz#889168 - krb5 ticket renewal does not read the renewable tickets from cache [1.9.2-57] - Resolves: rhbz#886091 - Disallow root SSH public key authentication - Add default section to switch statement (Related: rhbz#884666) [1.9.2-56] - Resolves: rhbz#886038 - sssd components seem to mishandle sighup [1.9.2-55] - Resolves: rhbz#888800 - Memory leak in new memcache initgr cleanup function [1.9.2-54] - Resolves: rhbz#888614 - Failure in memberof can lead to failed database update [1.9.2-53] - Resolves: rhbz#885078 - sssd_nss crashes during ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'sssd' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-0219 51928 http://secunia.com/advisories/51928 52315 http://secunia.com/advisories/52315 57539 http://www.securityfocus.com/bid/57539 FEDORA-2013-1795 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html FEDORA-2013-1826 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html RHSA-2013:0508 http://rhn.redhat.com/errata/RHSA-2013-0508.html RHSA-2013:1319 http://rhn.redhat.com/errata/RHSA-2013-1319.html http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37 https://bugzilla.redhat.com/show_bug.cgi?id=884254 https://fedorahosted.org/sssd/ticket/1782 https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4 Common Vulnerability Exposure (CVE) ID: CVE-2013-0220 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab https://bugzilla.redhat.com/show_bug.cgi?id=884601 https://fedorahosted.org/sssd/ticket/1781 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |