oval:org.mitre.oval:def:27527
| Definition Id: oval:org.mitre.oval:def:27527 | |||
| Oval ID: | oval:org.mitre.oval:def:27527 | ||
| Title: | DEPRECATED: ELSA-2013-0508 -- sssd security, bug fix and enhancement update (low) | ||
| Description: | A race condition was found in the way SSSD copied and removed user home directories. A local attacker who is able to write into the home directory of a different user who is being removed could use this flaw to perform symbolic link attacks, possibly allowing them to modify and delete arbitrary files with the privileges of the root user. (CVE-2013-0219) Multiple out-of-bounds memory read flaws were found in the way the autofs and SSH service responders parsed certain SSSD packets. An attacker could spend a specially-crafted packet that, when processed by the autofs or SSH service responders, would cause SSSD to crash. This issue only caused a temporary denial of service, as SSSD was automatically restarted by the monitor process after the crash. (CVE-2013-0220) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-0508 CVE-2013-0220 CVE-2013-0219 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | sssd |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16594 | |||
| Oval ID: | oval:org.mitre.oval:def:16594 | ||
| Title: | Oracle Linux 6.x | ||
| Description: | The operating system installed on the system is Oracle Linux 6.x | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:oracle:linux:6 | Version: | 5 |
| Platform(s): | Oracle Linux 6 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:27527 | |||
