QwikSec

Security Database

CVE

CWE

Training

CVE-2013-0220

Published: Feb 24, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://fedorahosted.org/sssd/ticket/1781

x_refsource_CONFIRM

https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://git.fedorahosted.org/cgit/sssd.git/commit/?id=30e2585dd46b62aa3a4abdf6de3f40a20e1743ab

x_refsource_CONFIRM

FEDORA-2013-1795

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=884601

x_refsource_MISC

http://git.fedorahosted.org/cgit/sssd.git/commit/?id=2bd514cfde1938b1e245af11c9b548d58d49b325

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

FEDORA-2013-1826

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.