Количество 3
Количество 3
CVE-2009-2410
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection.
CVE-2009-2410
The local_handler_callback function in server/responder/pam/pam_LOCAL_ ...
GHSA-w98w-3mj2-7wj3
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2009-2410 The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. | CVSS2: 7.5 | 0% Низкий | больше 16 лет назад |
| CVE-2009-2410 The local_handler_callback function in server/responder/pam/pam_LOCAL_ ... | CVSS2: 7.5 | 0% Низкий | больше 16 лет назад |
| GHSA-w98w-3mj2-7wj3 The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу