Updated sssd packages fix security vulnerability
Publication date: 20 Nov 2017
Modification date: 20 Nov 2017
Type: security
Affected Mageia releases: 6
CVE: CVE-2017-12173
Description
SSSD stores its cached data in an LDAP-like local database file using libldb. To look up cached data, LDAP search filters such as '(objectClass=user) (name=user_name)' are used. However, in sysdb_search_user_by_upn_res() the input is not sanitized, which allows the search filter used for cache lookups to be manipulated. This would allow a logged-in user to discover the password hash of a different user (CVE-2017-12173).
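The class of bug described above, shown as an added example that is not SSSD's code: a lookup filter built from an unescaped name beside the same filter with the value escaped per RFC 4515. The function names `filter_escape` and `build_filter`, the exact filter layout and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not SSSD's code): escape a value for use inside an LDAP
 * search filter per RFC 4515; '*', '(', ')' and '\' become \XX. Caller frees. */
char *filter_escape(const char *in)
{
    static const char hex[] = "0123456789abcdef";
    size_t len = strlen(in);
    char *out = malloc(len * 3 + 1);   /* worst case: every byte escaped */
    size_t j = 0;
    if (out == NULL) return NULL;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '*' || c == '(' || c == ')' || c == '\\') {
            out[j++] = '\\';
            out[j++] = hex[c >> 4];
            out[j++] = hex[c & 0x0f];
        } else {
            out[j++] = (char)c;
        }
    }
    out[j] = '\0';
    return out;
}

/* Build a cache lookup filter around a caller-supplied name (layout assumed).
 * sanitize == 0 keeps the unsafe pattern; sanitize != 0 escapes the value. */
char *build_filter(const char *name, int sanitize)
{
    char *esc = sanitize ? filter_escape(name) : NULL;
    if (sanitize && esc == NULL) return NULL;
    const char *val = sanitize ? esc : name;
    size_t n = strlen(val) + sizeof("(&(objectClass=user)(name=))");
    char *filter = malloc(n);
    if (filter != NULL) snprintf(filter, n, "(&(objectClass=user)(name=%s))", val);
    free(esc);
    return filter;
}

int main(void)
{
    const char *name = "alice)(uid=*";  /* constructed input with metacharacters */
    char *raw = build_filter(name, 0), *safe = build_filter(name, 1);
    if (raw && safe) printf("raw:  %s\nsafe: %s\n", raw, safe);
    free(raw); free(safe);
    return 0;
}
```

In the unescaped result the parentheses and asterisk in the name become part of the filter's structure; in the escaped result they remain literal characters of a single `name` assertion.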
SRPMS
6/core
- sssd-1.13.4-9.1.mga6