Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:3151

Опубликовано: 16 авг. 2021
Источник: rocky
Оценка: Important

Описание

Important: sssd security update

For more information visit https://errata.rockylinux.org/RLSA-2021:3151

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
libipa_hbaci6869.el8_4.2libipa_hbac-2.4.0-9.el8_4.2.i686.rpm
libsss_nss_idmapi6869.el8_4.2libsss_nss_idmap-2.4.0-9.el8_4.2.i686.rpm
libsss_nss_idmapx86_649.el8_4.2libsss_nss_idmap-2.4.0-9.el8_4.2.x86_64.rpm
libsss_simpleifpx86_649.el8_4.2libsss_simpleifp-2.4.0-9.el8_4.2.x86_64.rpm
python3-libipa_hbacx86_649.el8_4.2python3-libipa_hbac-2.4.0-9.el8_4.2.x86_64.rpm
sssd-krb5x86_649.el8_4.2sssd-krb5-2.4.0-9.el8_4.2.x86_64.rpm
sssdx86_649.el8_4.2sssd-2.4.0-9.el8_4.2.x86_64.rpm
libsss_idmapx86_649.el8_4.2libsss_idmap-2.4.0-9.el8_4.2.x86_64.rpm
sssd-clientx86_649.el8_4.2sssd-client-2.4.0-9.el8_4.2.x86_64.rpm
libipa_hbacx86_649.el8_4.2libipa_hbac-2.4.0-9.el8_4.2.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-3621

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-3621

CVSS3: 8.8
ubuntu
больше 3 лет назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

redhat логотип

CVE-2021-3621

CVSS3: 6.7
redhat
почти 4 года назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

nvd логотип

CVE-2021-3621

CVSS3: 8.8
nvd
больше 3 лет назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

debian логотип

CVE-2021-3621

CVSS3: 8.8
debian
больше 3 лет назад

A flaw was found in SSSD, where the sssctl command was vulnerable to s ...

suse-cvrf логотип

openSUSE-SU-2021:2941-1

suse-cvrf
почти 4 года назад

Security update for sssd