Oval Definition: oval:org.mitre.oval:def:20984
Revision Date: 2014-02-17
Version: 38
Title: RHSA-2013:0508: sssd security, bug fix and enhancement update (Low)
Description: The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname functions in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.
Family: unix
Class: patch
Status: ACCEPTED
Reference(s): CESA-2013:0508, CVE-2013-0219, CVE-2013-0220, RHSA-2013:0508-02
Platform(s): CentOS Linux 6, Red Hat Enterprise Linux 6
Product(s): sssd
Definition Synopsis
  • Red Hat 6 or CentOS 6 release
      • The operating system installed on the system is Red Hat Enterprise Linux 6
      • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
      • sssd-client is earlier than 0:1.9.2-82.el6
      • OR libipa_hbac-python is earlier than 0:1.9.2-82.el6
      • OR libsss_sudo is earlier than 0:1.9.2-82.el6
      • OR sssd is earlier than 0:1.9.2-82.el6
      • OR libipa_hbac is earlier than 0:1.9.2-82.el6
      • OR libsss_idmap is earlier than 0:1.9.2-82.el6
      • OR libsss_autofs is earlier than 0:1.9.2-82.el6
      • OR libipa_hbac-devel is earlier than 0:1.9.2-82.el6
      • OR sssd-tools is earlier than 0:1.9.2-82.el6
      • OR libsss_idmap-devel is earlier than 0:1.9.2-82.el6
      • OR libsss_sudo-devel is earlier than 0:1.9.2-82.el6