ALAS-2018-1127 --- sssd, python27, libsss_certmap, libsss_autofs, libsss_nss_idmap, libsss_sudo, libsss_idmap, libipa_hbacID: oval:org.secpod.oval:def:1601372 | Date: (C)2020-11-27 (M)2022-10-27 |
Class: PATCH | Family: unix |
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user
Platform: |
Amazon Linux AMI |
Product: |
sssd |
python27 |
libsss_certmap |
libsss_autofs |
libsss_nss_idmap |
libsss_sudo |
libsss_idmap |
libipa_hbac |