
Test ID: 1.3.6.1.4.1.25623.1.0.122117
Category: Oracle Linux Local Security Checks
Title: Oracle: Security Advisory (ELSA-2011-0975)
Summary: The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2011-0975 advisory.
Description:
Summary:
The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2011-0975 advisory.

Vulnerability Insight:
[1.5.1-37]
- Reverts: rhbz#680443 - Dynamic DNS update fails if multiple servers are given in ipa_server config option

[1.5.1-36]
- Resolves: rhbz#709333 - sssd. should require sssd-client.

[1.5.1-35]
- Resolves: rhbz#707340 - latest sssd fails if ldap_default_authtok_type is not mentioned
- Resolves: rhbz#707574 - SSSD's async resolver only tries the first nameserver in /etc/resolv.conf

[1.5.1-34]
- Resolves: rhbz#701702 - sssd client libraries use select() but should use poll() instead

[1.5.1-33]
- Related: rhbz#700858 - Automatic TGT renewal overwrites cached password
- Fix segfault in TGT renewal

[1.5.1-32]
- Resolves: rhbz#700858 - Automatic TGT renewal overwrites cached password

[1.5.1-30]
- Resolves: rhbz#696979 - Filters not honoured against fully-qualified users

[1.5.1-29]
- Resolves: rhbz#694149 - SSSD consumes GBs of RAM, possible memory leak

[1.5.1-28]
- Related: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS information

[1.5.1-27]
- Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is disabled

[1.5.1-26]
- Resolves: rhbz#695476 - Unable to resolve SRV record when called with [in ldap_uri]
- Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is disabled

[1.5.1-25]
- Resolves: rhbz#694853 - SSSD crashes during getent when anonymous bind is disabled

[1.5.1-24]
- Resolves: rhbz#692960 - Process /usr/libexec/sssd/sssd_be was killed by signal 11 (SIGSEGV)
- Fix is to not attempt to resolve nameless servers

[1.5.1-23]
- Resolves: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS information

[1.5.1-21]
- Resolves: rhbz#690867 - Groups with a zero-length memberuid attribute can cause SSSD to stop caching and responding to requests

[1.5.1-20]
- Resolves: rhbz#690287 - Traceback messages seen while interrupting sss_obfuscate using ctrl+d
- Resolves: rhbz#690814 - [abrt] sssd-1.2.1-28.el6_0.4: _talloc_free: Process /usr/libexec/sssd/sssd_be was killed by signal 11 (SIGSEGV)

[1.5.1-19]
- Related: rhbz#690096 - SSSD should skip over groups with multiple names

[1.5.1-18]
- Resolves: rhbz#690093 - SSSD breaks on RDNs with a comma in them
- Resolves: rhbz#690096 - SSSD should skip over groups with multiple names
- Resolves: rhbz#689887 - group memberships are not populated correctly during IPA provider initgroups
- Resolves: rhbz#688697 - Skip users and groups that have incomplete contents
- Resolves: rhbz#688694 - authconfig fails when access_provider is set as krb5 in sssd.conf

[1.5.1-17]
- Resolves: rhbz#688677 - Build SSSD in RHEL 5.7 against openldap24-libs
- Adds support for following LDAP referrals and using Mozilla NSS for crypto support

[1.5.1-16]
- Resolves: rhbz#683260 - sudo/ldap lookup via sssd gets stuck for 5min waiting on netgroup
- Resolves: rhbz#683585 - sssd consumes 100% CPU
- Related: rhbz#680441 - sssd does not handle kerberos server IP ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'sssd' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-4341
BugTraq ID: 45961
http://www.securityfocus.com/bid/45961
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html
http://www.redhat.com/support/errata/RHSA-2011-0560.html
http://www.redhat.com/support/errata/RHSA-2011-0975.html
http://secunia.com/advisories/43053
http://secunia.com/advisories/43055
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2011/0197
http://www.vupen.com/english/advisories/2011/0212
XForce ISS Database: sssd-pamparseindatav2-dos(64881)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64881
Copyright: Copyright (C) 2015 Greenbone AG
