{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2011-05-26T18:00:00.000Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700867"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://fedorahosted.org/sssd/ticket/856"}, {"name": "[oss-security] 20110429 vulnerability in sssd 1.5.0+ (CVE-2011-1758)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/04/29/4"}, {"name": "FEDORA-2011-5815", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html"}, {"name": "FEDORA-2011-6279", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html"}, {"name": "[sssd-devel] 20110429 SSSD Security Release 1.5.7", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700891"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:37:25.779Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700867"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://fedorahosted.org/sssd/ticket/856"}, {"name": "[oss-security] 20110429 vulnerability in sssd 1.5.0+ (CVE-2011-1758)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/04/29/4"}, {"name": "FEDORA-2011-5815", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html"}, {"name": "FEDORA-2011-6279", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html"}, {"name": "[sssd-devel] 20110429 SSSD Security Release 1.5.7", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700891"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1758", "state": "PUBLISHED", "dateReserved": "2011-04-19T00:00:00.000Z", "datePublished": "2011-05-26T18:00:00.000Z", "dateUpdated": "2024-08-06T22:37:25.779Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C38007C8-061C-4D6D-BC6B-83475E165A3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8F39928-292C-4B1E-849F-4CB7534558B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "19ACB702-62F5-4614-9CB9-AC07CCEBB399", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "0524C067-9992-40F1-BC7A-EE382251151B", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "74298682-9BFF-4F81-B387-BA0B036619E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC55E83E-AAA5-4228-8283-57EBFCE1EEE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "AFB0D128-F08B-41C1-B8A1-3FD7845B3F37", "vulnerable": true}, {"criteria": "cpe:2.3:a:fedoraproject:sssd:1.5.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "30FC0A62-9332-46F8-8415-50742BBDFC88", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname."}, {"lang": "es", "value": "La funci\u00f3n krb5_save_ccname_done en providers/krb5/krb5_auth.c en el Security Services Daemon (SSSD) v1.5.x anteriores a v1.5.7 1.5.x, cuando la renovaci\u00f3n autom\u00e1tica de tickets la autenticaci\u00f3n fuera de l\u00ednea est\u00e1 configurada, utiliza una cadena de ruta como contrase\u00f1a, lo que permite a usuarios locales eludir la autenticaci\u00f3n Kerberos listando el directorio /tmp para obtener la ruta de acceso."}], "id": "CVE-2011-1758", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-05-26T18:55:02.237", "references": [{"source": "secalert@redhat.com", "url": "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/29/4"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700867"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700891"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://fedorahosted.org/sssd/ticket/856"}, {"source": "secalert@redhat.com", "url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.fedorahosted.org/git/?p=sssd.git%3Ba=commit%3Bh=fffdae81651b460f3d2c119c56d5caa09b4de42a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059532.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/29/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700867"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=700891"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://fedorahosted.org/pipermail/sssd-devel/2011-April/006138.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://fedorahosted.org/sssd/ticket/856"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}