Vulnerability Name:

CVE-2010-0014 (CCN-55597)

Assigned:2009-12-14
Published:2010-01-12
Updated:2010-01-15
Summary:System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P)
2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-287
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2010-0014

Source: CCN
Type: SA38160
SSSD Kerberos Authentication Security Bypass

Source: SECUNIA
Type: Vendor Advisory
38160

Source: CCN
Type: OSVDB ID: 62474
SSSD Kerberos Unreachable Key Distribution Center (KDC) TGT Impersonation Weakness

Source: BID
Type: UNKNOWN
37747

Source: CCN
Type: BID-37747
Fedora SSSD Kerberos Authentication Security Bypass Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 553233
SSSD accepts any password when offline with a valid TGT available

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=553233

Source: XF
Type: UNKNOWN
sssd-authentication-security-bypass(55597)

Source: CCN
Type: SSSD Web site
SSSD - System Security Services Daemon

Source: CONFIRM
Type: Patch
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.0.1

Vulnerable Configuration:Configuration 1:
  • cpe:/a:fedoraproject:sssd:0.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.99.0:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:0.99.1:*:*:*:*:*:*:*
  • OR cpe:/a:fedoraproject:sssd:*:*:*:*:*:*:*:* (Version <= 1.0.0)

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.precise:def:20100014000
    V
    		CVE-2010-0014 on Ubuntu 12.04 LTS (precise) - medium.
    2010-01-14
    BACK
    fedoraproject sssd 0.2.1
    fedoraproject sssd 0.3.0
    fedoraproject sssd 0.3.1
    fedoraproject sssd 0.3.2
    fedoraproject sssd 0.3.3
    fedoraproject sssd 0.4.0
    fedoraproject sssd 0.4.1
    fedoraproject sssd 0.5.0
    fedoraproject sssd 0.6.0
    fedoraproject sssd 0.6.1
    fedoraproject sssd 0.7.0
    fedoraproject sssd 0.7.1
    fedoraproject sssd 0.99.0
    fedoraproject sssd 0.99.1
    fedoraproject sssd *