CVE-2018-10852

Related Files

Ubuntu Security Notice USN-5067-1

Posted Sep 8, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2018-10852, CVE-2018-16838, CVE-2019-3811, CVE-2021-3621

SHA-256 | 57bb124cbecf36bdb8d4f0c37b6abc7cd806b1d2b852b746eea1be28e8aa2a43

Download | Favorite | View

Red Hat Security Advisory 2018-3158-01

Posted Oct 30, 2018

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3158-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include an information leak.

tags | advisory, remote

systems | linux, redhat

advisories | CVE-2018-10852

SHA-256 | 2d974d6a6e542ac30db1cad245f5d4b2533f5679dc5993997d02bf1951f64cb4

Download | Favorite | View