Local Authentication Bypass in System Security Services Daemon by Red Hat
CVE-2011-1758

Currently unrated

Key Information:

Status
Vendor
CVE Published: 26 May 2011

What is CVE-2011-1758?

System Security Services Daemon (SSSD) versions prior to 1.5.7 contain a vulnerability in the krb5_save_ccname_done function. When automatic ticket renewal and offline authentication are enabled, the function improperly uses a pathname string as a password. A local user can list the /tmp directory to retrieve that pathname and use it to bypass Kerberos authentication. This undermines user authentication on systems that rely on SSSD.
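A triage check for the two preconditions described above, as an added example that is not SSSD or Red Hat code. It assumes "offline authentication" corresponds to cache_credentials = true and "automatic ticket renewal" to a non-zero krb5_renew_interval in a [domain/...] section of sssd.conf; the sample configuration and its domain name are constructed.

```python
import configparser

FIXED = (1, 5, 7)  # first SSSD release the page lists as not affected

# Constructed sample sssd.conf; the domain name is made up.
SAMPLE_CONF = """
[sssd]
services = nss, pam
domains = EXAMPLE

[domain/EXAMPLE]
auth_provider = krb5
cache_credentials = True
krb5_renewable_lifetime = 7d
krb5_renew_interval = 3600
"""

def parse_version(text):
    """Turn '1.5.6' into (1, 5, 6) so releases compare numerically."""
    return tuple(int(p) for p in text.strip().split("."))

def exposed_domains(conf_text):
    """Return domains that enable both preconditions named in the advisory."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    hits = []
    for section in cp.sections():
        if not section.startswith("domain/"):
            continue
        opts = cp[section]
        # Assumption: offline authentication == cache_credentials = true
        offline = opts.get("cache_credentials", "false").strip().lower() == "true"
        # Assumption: automatic renewal == non-zero krb5_renew_interval
        renew = opts.get("krb5_renew_interval", "0").strip() not in ("", "0")
        if offline and renew:
            hits.append(section.split("/", 1)[1])
    return hits

def assess(version_text, conf_text):
    """Exposed only if the build is affected AND a domain matches."""
    vulnerable_build = parse_version(version_text) < FIXED
    domains = exposed_domains(conf_text)
    return {"vulnerable_build": vulnerable_build,
            "domains": domains,
            "exposed": vulnerable_build and bool(domains)}

if __name__ == "__main__":
    print(assess("1.5.6", SAMPLE_CONF))
```

Distribution packages can carry a fix as a backport under an older version number, so confirm the result against the vendor's errata rather than the upstream version string alone.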

Timeline

  • Vulnerability published

  • Vulnerability Reserved