CVE-2014-0249
Description
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
Risk Information
Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.054
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libipa_hbac0-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libipa_hbac0-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsss_idmap0-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsss_idmap0-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsss_sudo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) libsss_sudo-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) python-sssd-config-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) python-sssd-config-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-32bit-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ad-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ad-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-debuginfo-32bit-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-debugsource-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ipa-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ipa-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-krb5-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-krb5-common-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-krb5-common-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-krb5-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ldap-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-ldap-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-proxy-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-proxy-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-tools-1.11.5.1-28.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2579-1(SUSE Linux Enterprise Desktop 12-SP1 ) sssd-tools-debuginfo-1.11.5.1-28.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234