 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.123698 |
| Kategorie: | Oracle Linux Local Security Checks |
| Titel: | Oracle: Security Advisory (ELSA-2013-0508) |
| Zusammenfassung: | The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-0508 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-0508 advisory. Vulnerability Insight: [1.9.2-82] - Resolves: rhbz#888614 - Failure in memberof can lead to failed database update [1.9.2-81] - Resolves: rhbz#903078 - TOCTOU race conditions by copying and removing directory trees [1.9.2-80] - Resolves: rhbz#903078 - Out-of-bounds read flaws in autofs and ssh services responders [1.9.2-79] - Resolves: rhbz#902716 - Rule mismatch isn't noticed before smart refresh on ppc64 and s390x [1.9.2-78] - Resolves: rhbz#896476 - SSSD should warn when pam_pwd_expiration_warning value is higher than passwordWarning LDAP attribute. [1.9.2-77] - Resolves: rhbz#902436 - possible segfault when backend callback is removed [1.9.2-76] - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not reflected in memory cache [1.9.2-75] - Resolves: rhbz#894302 - sssd fails to update to changes on autofs maps [1.9.2-74] - Resolves: rhbz894381 - memory cache is not updated after user is deleted from ldb cache [1.9.2-73] - Resolves: rhbz895615 - ipa-client-automount: autofs failed in s390x and ppc64 platform [1.9.2-72] - Resolves: rhbz#894997 - sssd_be crashes looking up members with groups outside the nesting limit [1.9.2-71] - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not reflected in memory cache [1.9.2-70] - Resolves: rhbz#894428 - wrong filter for autofs maps in sss_cache [1.9.2-69] - Resolves: rhbz#894738 - Failover to ldap_chpass_backup_uri doesn't work [1.9.2-68] - Resolves: rhbz#887961 - AD provider: getgrgid removes nested group memberships [1.9.2-67] - Resolves: rhbz#878583 - IPA Trust does not show secondary groups for AD Users for commands like id and getent [1.9.2-66] - Resolves: rhbz#874579 - sssd caching not working as expected for selinux usermap contexts [1.9.2-65] - Resolves: rhbz#892197 - Incorrect principal searched for in keytab [1.9.2-64] - Resolves: rhbz#891356 - Smart refresh doesn't notice 'defaults' addition with OpenLDAP [1.9.2-63] - Resolves: rhbz#878419 - sss_userdel doesn't remove entries from in-memory cache [1.9.2-62] - Resolves: rhbz#886848 - user id lookup fails for case sensitive users using proxy provider [1.9.2-61] - Resolves: rhbz#890520 - Failover to krb5_backup_kpasswd doesn't work [1.9.2-60] - Resolves: rhbz#874618 - sss_cache: fqdn not accepted [1.9.2-59] - Resolves: rhbz#889182 - crash in memory cache [1.9.2-58] - Resolves: rhbz#889168 - krb5 ticket renewal does not read the renewable tickets from cache [1.9.2-57] - Resolves: rhbz#886091 - Disallow root SSH public key authentication - Add default section to switch statement (Related: rhbz#884666) [1.9.2-56] - Resolves: rhbz#886038 - sssd components seem to mishandle sighup [1.9.2-55] - Resolves: rhbz#888800 - Memory leak in new memcache initgr cleanup function [1.9.2-54] - Resolves: rhbz#888614 - Failure in memberof can lead to failed database update [1.9.2-53] - Resolves: rhbz#885078 - sssd_nss crashes during ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'sssd' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-0219 51928 http://secunia.com/advisories/51928 52315 http://secunia.com/advisories/52315 57539 http://www.securityfocus.com/bid/57539 FEDORA-2013-1795 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html FEDORA-2013-1826 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html RHSA-2013:0508 http://rhn.redhat.com/errata/RHSA-2013-0508.html RHSA-2013:1319 http://rhn.redhat.com/errata/RHSA-2013-1319.html http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37 https://bugzilla.redhat.com/show_bug.cgi?id=884254 https://fedorahosted.org/sssd/ticket/1782 https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4 Common Vulnerability Exposure (CVE) ID: CVE-2013-0220 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab https://bugzilla.redhat.com/show_bug.cgi?id=884601 https://fedorahosted.org/sssd/ticket/1781 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |