ALAS-2019-1307 --- sssd, python27, libsss_certmap, libsss_autofs, libsss_nss_idmap, libsss_sudo, libsss_idmap, libipa_hbacID: oval:org.secpod.oval:def:1601065 | Date: (C)2019-10-14 (M)2023-06-05 |
Class: PATCH | Family: unix |
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.A vulnerability was found in sssd where, if a user was configured with no home directory set, sssd would return #039;/#039; instead of #039;#039; . This could impact services that restrict the user#039;s filesystem access to within their home directory through chroot.
Platform: |
Amazon Linux AMI |
Product: |
sssd |
python27 |
libsss_certmap |
libsss_autofs |
libsss_nss_idmap |
libsss_sudo |
libsss_idmap |
libipa_hbac |