Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-5292

Опубликовано: 29 окт. 2015
Источник: debian
EPSS Низкий

Описание

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sssdfixed1.13.1-1package
sssdno-dsajessiepackage
sssdnot-affectedwheezypackage
sssdnot-affectedsqueezepackage

Примечания

  • binary package has the sssd_pac_plugin.so but the responder

  • part is not build.

  • https://fedorahosted.org/sssd/ticket/2803

  • https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch

EPSS

Процентиль: 85%
0.02687
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-5292

ubuntu
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

redhat логотип

CVE-2015-5292

redhat
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

nvd логотип

CVE-2015-5292

nvd
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

github логотип

GHSA-5f57-m892-gf57

github
больше 3 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

oracle-oval логотип

ELSA-2015-2355

oracle-oval
почти 10 лет назад

ELSA-2015-2355: sssd security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 85%
0.02687
Низкий