ID CVE-2015-5292
Summary Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.
Vulnerable Configurations
  • cpe:2.3:a:fedoraproject:sssd:1.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:sssd:1.13.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 07-12-2016 - 18:16)
CWE CWE-399
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: SINGLE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:C
redhat via4
advisories
  • bugzilla
    id 1268783
    title Memory leak / possible DoS with krb auth. [rhel 6.7.z]
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment libipa_hbac is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019035
        • comment libipa_hbac is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375046
      • AND
        • comment libipa_hbac-devel is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019033
        • comment libipa_hbac-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375034
      • AND
        • comment libipa_hbac-python is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019045
        • comment libipa_hbac-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375028
      • AND
        • comment libsss_idmap is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019005
        • comment libsss_idmap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375016
      • AND
        • comment libsss_idmap-devel is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019013
        • comment libsss_idmap-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375044
      • AND
        • comment libsss_nss_idmap is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019037
        • comment libsss_nss_idmap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375014
      • AND
        • comment libsss_nss_idmap-devel is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019041
        • comment libsss_nss_idmap-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375018
      • AND
        • comment libsss_nss_idmap-python is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019009
        • comment libsss_nss_idmap-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375010
      • AND
        • comment libsss_simpleifp is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019043
        • comment libsss_simpleifp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441054
      • AND
        • comment libsss_simpleifp-devel is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019007
        • comment libsss_simpleifp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441020
      • AND
        • comment python-sssdconfig is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019049
        • comment python-sssdconfig is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375020
      • AND
        • comment sssd is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019023
        • comment sssd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375006
      • AND
        • comment sssd-ad is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019027
        • comment sssd-ad is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375026
      • AND
        • comment sssd-client is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019019
        • comment sssd-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375036
      • AND
        • comment sssd-common is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019025
        • comment sssd-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375012
      • AND
        • comment sssd-common-pac is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019047
        • comment sssd-common-pac is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375022
      • AND
        • comment sssd-dbus is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019021
        • comment sssd-dbus is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375030
      • AND
        • comment sssd-ipa is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019015
        • comment sssd-ipa is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375024
      • AND
        • comment sssd-krb5 is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019031
        • comment sssd-krb5 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375042
      • AND
        • comment sssd-krb5-common is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019011
        • comment sssd-krb5-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375032
      • AND
        • comment sssd-ldap is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019039
        • comment sssd-ldap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375008
      • AND
        • comment sssd-proxy is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019017
        • comment sssd-proxy is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375038
      • AND
        • comment sssd-tools is earlier than 0:1.12.4-47.el6_7.4
          oval oval:com.redhat.rhsa:tst:20152019029
        • comment sssd-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375040
    rhsa
    id RHSA-2015:2019
    released 2015-11-10
    severity Low
    title RHSA-2015:2019: sssd security and bug fix update (Low)
  • bugzilla
    id 1270827
    title local overrides: don't contact server with overridden name/id
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment libipa_hbac is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355005
        • comment libipa_hbac is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375046
      • AND
        • comment libipa_hbac-devel is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355047
        • comment libipa_hbac-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375034
      • AND
        • comment libsss_idmap is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355049
        • comment libsss_idmap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375016
      • AND
        • comment libsss_idmap-devel is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355045
        • comment libsss_idmap-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375044
      • AND
        • comment libsss_nss_idmap is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355017
        • comment libsss_nss_idmap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375014
      • AND
        • comment libsss_nss_idmap-devel is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355039
        • comment libsss_nss_idmap-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375018
      • AND
        • comment libsss_simpleifp is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355021
        • comment libsss_simpleifp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441054
      • AND
        • comment libsss_simpleifp-devel is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355011
        • comment libsss_simpleifp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441020
      • AND
        • comment python-libipa_hbac is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355043
        • comment python-libipa_hbac is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152355044
      • AND
        • comment python-libsss_nss_idmap is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355029
        • comment python-libsss_nss_idmap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152355030
      • AND
        • comment python-sss is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355033
        • comment python-sss is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152355034
      • AND
        • comment python-sss-murmur is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355053
        • comment python-sss-murmur is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152355054
      • AND
        • comment python-sssdconfig is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355057
        • comment python-sssdconfig is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375020
      • AND
        • comment sssd is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355051
        • comment sssd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375006
      • AND
        • comment sssd-ad is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355007
        • comment sssd-ad is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375026
      • AND
        • comment sssd-client is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355055
        • comment sssd-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375036
      • AND
        • comment sssd-common is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355041
        • comment sssd-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375012
      • AND
        • comment sssd-common-pac is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355037
        • comment sssd-common-pac is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375022
      • AND
        • comment sssd-dbus is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355027
        • comment sssd-dbus is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375030
      • AND
        • comment sssd-ipa is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355025
        • comment sssd-ipa is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375024
      • AND
        • comment sssd-krb5 is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355009
        • comment sssd-krb5 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375042
      • AND
        • comment sssd-krb5-common is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355013
        • comment sssd-krb5-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375032
      • AND
        • comment sssd-ldap is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355019
        • comment sssd-ldap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375008
      • AND
        • comment sssd-libwbclient is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355023
        • comment sssd-libwbclient is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441024
      • AND
        • comment sssd-libwbclient-devel is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355031
        • comment sssd-libwbclient-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150441018
      • AND
        • comment sssd-proxy is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355035
        • comment sssd-proxy is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375038
      • AND
        • comment sssd-tools is earlier than 0:1.13.0-40.el7
          oval oval:com.redhat.rhsa:tst:20152355015
        • comment sssd-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141375040
    rhsa
    id RHSA-2015:2355
    released 2015-11-19
    severity Low
    title RHSA-2015:2355: sssd security, bug fix, and enhancement update (Low)
rpms
  • libipa_hbac-0:1.12.4-47.el6_7.4
  • libipa_hbac-devel-0:1.12.4-47.el6_7.4
  • libipa_hbac-python-0:1.12.4-47.el6_7.4
  • libsss_idmap-0:1.12.4-47.el6_7.4
  • libsss_idmap-devel-0:1.12.4-47.el6_7.4
  • libsss_nss_idmap-0:1.12.4-47.el6_7.4
  • libsss_nss_idmap-devel-0:1.12.4-47.el6_7.4
  • libsss_nss_idmap-python-0:1.12.4-47.el6_7.4
  • libsss_simpleifp-0:1.12.4-47.el6_7.4
  • libsss_simpleifp-devel-0:1.12.4-47.el6_7.4
  • python-sssdconfig-0:1.12.4-47.el6_7.4
  • sssd-0:1.12.4-47.el6_7.4
  • sssd-ad-0:1.12.4-47.el6_7.4
  • sssd-client-0:1.12.4-47.el6_7.4
  • sssd-common-0:1.12.4-47.el6_7.4
  • sssd-common-pac-0:1.12.4-47.el6_7.4
  • sssd-dbus-0:1.12.4-47.el6_7.4
  • sssd-ipa-0:1.12.4-47.el6_7.4
  • sssd-krb5-0:1.12.4-47.el6_7.4
  • sssd-krb5-common-0:1.12.4-47.el6_7.4
  • sssd-ldap-0:1.12.4-47.el6_7.4
  • sssd-proxy-0:1.12.4-47.el6_7.4
  • sssd-tools-0:1.12.4-47.el6_7.4
  • libipa_hbac-0:1.13.0-40.el7
  • libipa_hbac-devel-0:1.13.0-40.el7
  • libsss_idmap-0:1.13.0-40.el7
  • libsss_idmap-devel-0:1.13.0-40.el7
  • libsss_nss_idmap-0:1.13.0-40.el7
  • libsss_nss_idmap-devel-0:1.13.0-40.el7
  • libsss_simpleifp-0:1.13.0-40.el7
  • libsss_simpleifp-devel-0:1.13.0-40.el7
  • python-libipa_hbac-0:1.13.0-40.el7
  • python-libsss_nss_idmap-0:1.13.0-40.el7
  • python-sss-0:1.13.0-40.el7
  • python-sss-murmur-0:1.13.0-40.el7
  • python-sssdconfig-0:1.13.0-40.el7
  • sssd-0:1.13.0-40.el7
  • sssd-ad-0:1.13.0-40.el7
  • sssd-client-0:1.13.0-40.el7
  • sssd-common-0:1.13.0-40.el7
  • sssd-common-pac-0:1.13.0-40.el7
  • sssd-dbus-0:1.13.0-40.el7
  • sssd-ipa-0:1.13.0-40.el7
  • sssd-krb5-0:1.13.0-40.el7
  • sssd-krb5-common-0:1.13.0-40.el7
  • sssd-ldap-0:1.13.0-40.el7
  • sssd-libwbclient-0:1.13.0-40.el7
  • sssd-libwbclient-devel-0:1.13.0-40.el7
  • sssd-proxy-0:1.13.0-40.el7
  • sssd-tools-0:1.13.0-40.el7
refmap via4
bid 77529
fedora
  • FEDORA-2015-202c127199
  • FEDORA-2015-7b47df69d3
  • FEDORA-2015-cdea5324a8
mlist [sssd-users] 20151021 A security bug in SSSD 1.10 and later (CVE-2015-5292)
sectrack 1034038
Last major update 07-12-2016 - 18:16
Published 29-10-2015 - 16:59