Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-5292

Опубликовано: 29 окт. 2015
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fedoraproject:sssd:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.6:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.11.7:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.3:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.4:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.12.5:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02687
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

ubuntu логотип

CVE-2015-5292

ubuntu
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

redhat логотип

CVE-2015-5292

redhat
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

debian логотип

CVE-2015-5292

debian
почти 10 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plu ...

github логотип

GHSA-5f57-m892-gf57

github
больше 3 лет назад

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

oracle-oval логотип

ELSA-2015-2355

oracle-oval
почти 10 лет назад

ELSA-2015-2355: sssd security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 85%
0.02687
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-399