Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1
CVE-2010-4341
- EPSS 0.17%
- Published 25.01.2011 01:00:01
- Last modified 11.04.2025 00:51:21
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
7.5
CVE-2009-2410
- EPSS 0.44%
- Published 30.07.2009 18:30:00
- Last modified 09.04.2025 00:30:58
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's ...
1