Upstream information

CVE-2010-4341 at MITRE

Description

The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 2.1
Vector AV:L/AC:L/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 660481 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • libipa_hbac0 >= 1.11.5.1-5.20
  • libsss_idmap0 >= 1.11.5.1-5.20
  • python-sssd-config >= 1.11.5.1-5.20
  • sssd >= 1.11.5.1-5.20
  • sssd-32bit >= 1.11.5.1-5.20
  • sssd-ad >= 1.11.5.1-5.20
  • sssd-ipa >= 1.11.5.1-5.20
  • sssd-krb5 >= 1.11.5.1-5.20
  • sssd-krb5-common >= 1.11.5.1-5.20
  • sssd-ldap >= 1.11.5.1-5.20
  • sssd-proxy >= 1.11.5.1-5.20
  • sssd-tools >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Desktop 12 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP1
  • libipa_hbac0 >= 1.11.5.1-14.1
  • libsss_idmap0 >= 1.11.5.1-14.1
  • libsss_sudo >= 1.11.5.1-14.1
  • python-sssd-config >= 1.11.5.1-14.1
  • sssd >= 1.11.5.1-14.1
  • sssd-32bit >= 1.11.5.1-14.1
  • sssd-ad >= 1.11.5.1-14.1
  • sssd-ipa >= 1.11.5.1-14.1
  • sssd-krb5 >= 1.11.5.1-14.1
  • sssd-krb5-common >= 1.11.5.1-14.1
  • sssd-ldap >= 1.11.5.1-14.1
  • sssd-proxy >= 1.11.5.1-14.1
  • sssd-tools >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-32bit >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP3
  • libipa_hbac0 >= 1.13.4-33.2
  • libsss_idmap0 >= 1.13.4-33.2
  • libsss_nss_idmap0 >= 1.13.4-33.2
  • libsss_sudo >= 1.13.4-33.2
  • python-sssd-config >= 1.13.4-33.2
  • sssd >= 1.13.4-33.2
  • sssd-32bit >= 1.13.4-33.2
  • sssd-ad >= 1.13.4-33.2
  • sssd-ipa >= 1.13.4-33.2
  • sssd-krb5 >= 1.13.4-33.2
  • sssd-krb5-common >= 1.13.4-33.2
  • sssd-ldap >= 1.13.4-33.2
  • sssd-proxy >= 1.13.4-33.2
  • sssd-tools >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA libipa_hbac0
SUSE Linux Enterprise Module for Basesystem 15
  • libipa_hbac-devel >= 1.16.1-1.22
  • libipa_hbac0 >= 1.16.1-1.22
  • libsss_certmap-devel >= 1.16.1-1.22
  • libsss_certmap0 >= 1.16.1-1.22
  • libsss_idmap-devel >= 1.16.1-1.22
  • libsss_idmap0 >= 1.16.1-1.22
  • libsss_nss_idmap-devel >= 1.16.1-1.22
  • libsss_nss_idmap0 >= 1.16.1-1.22
  • libsss_simpleifp-devel >= 1.16.1-1.22
  • libsss_simpleifp0 >= 1.16.1-1.22
  • python3-sssd-config >= 1.16.1-1.22
  • sssd >= 1.16.1-1.22
  • sssd-32bit >= 1.16.1-1.22
  • sssd-ad >= 1.16.1-1.22
  • sssd-ipa >= 1.16.1-1.22
  • sssd-krb5 >= 1.16.1-1.22
  • sssd-krb5-common >= 1.16.1-1.22
  • sssd-ldap >= 1.16.1-1.22
  • sssd-proxy >= 1.16.1-1.22
  • sssd-tools >= 1.16.1-1.22
  • sssd-wbclient >= 1.16.1-1.22
  • sssd-wbclient-devel >= 1.16.1-1.22
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 GA libipa_hbac-devel
SUSE Linux Enterprise Server 11 SP2
  • python-sssd-config >= 1.5.11-0.9.96
  • sssd >= 1.5.11-0.9.96
  • sssd-32bit >= 1.5.11-0.9.96
  • sssd-tools >= 1.5.11-0.9.96
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA python-sssd-config
SUSE Linux Enterprise Server 11 SP3
  • libsss_idmap0 >= 1.9.4-0.12.24
  • python-sssd-config >= 1.9.4-0.12.24
  • sssd >= 1.9.4-0.12.24
  • sssd-32bit >= 1.9.4-0.12.24
  • sssd-tools >= 1.9.4-0.12.24
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA libsss_idmap0
SUSE Linux Enterprise Server 11 SP4
  • libsss_idmap0 >= 1.9.4-0.16.1
  • python-sssd-config >= 1.9.4-0.16.1
  • sssd >= 1.9.4-0.16.1
  • sssd-32bit >= 1.9.4-0.16.1
  • sssd-tools >= 1.9.4-0.16.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA libsss_idmap0
SUSE Linux Enterprise Server 12
  • libipa_hbac0 >= 1.11.5.1-5.20
  • libsss_idmap0 >= 1.11.5.1-5.20
  • python-sssd-config >= 1.11.5.1-5.20
  • sssd >= 1.11.5.1-5.20
  • sssd-32bit >= 1.11.5.1-5.20
  • sssd-ad >= 1.11.5.1-5.20
  • sssd-ipa >= 1.11.5.1-5.20
  • sssd-krb5 >= 1.11.5.1-5.20
  • sssd-krb5-common >= 1.11.5.1-5.20
  • sssd-ldap >= 1.11.5.1-5.20
  • sssd-proxy >= 1.11.5.1-5.20
  • sssd-tools >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Server 12 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP1
  • libipa_hbac0 >= 1.11.5.1-14.1
  • libsss_idmap0 >= 1.11.5.1-14.1
  • libsss_sudo >= 1.11.5.1-14.1
  • python-sssd-config >= 1.11.5.1-14.1
  • sssd >= 1.11.5.1-14.1
  • sssd-32bit >= 1.11.5.1-14.1
  • sssd-ad >= 1.11.5.1-14.1
  • sssd-ipa >= 1.11.5.1-14.1
  • sssd-krb5 >= 1.11.5.1-14.1
  • sssd-krb5-common >= 1.11.5.1-14.1
  • sssd-ldap >= 1.11.5.1-14.1
  • sssd-proxy >= 1.11.5.1-14.1
  • sssd-tools >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-32bit >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP3
  • libipa_hbac0 >= 1.13.4-33.2
  • libsss_idmap0 >= 1.13.4-33.2
  • libsss_nss_idmap0 >= 1.13.4-33.2
  • libsss_sudo >= 1.13.4-33.2
  • python-sssd-config >= 1.13.4-33.2
  • sssd >= 1.13.4-33.2
  • sssd-32bit >= 1.13.4-33.2
  • sssd-ad >= 1.13.4-33.2
  • sssd-ipa >= 1.13.4-33.2
  • sssd-krb5 >= 1.13.4-33.2
  • sssd-krb5-common >= 1.13.4-33.2
  • sssd-ldap >= 1.13.4-33.2
  • sssd-proxy >= 1.13.4-33.2
  • sssd-tools >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA libipa_hbac0
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libsss_idmap-devel >= 1.9.4-0.16.1
  • libsss_sudo-devel >= 1.9.4-0.16.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libsss_idmap-devel
SUSE Linux Enterprise Software Development Kit 12
  • libipa_hbac-devel >= 1.11.5.1-5.20
  • libsss_idmap-devel >= 1.11.5.1-5.20
  • libsss_nss_idmap-devel >= 1.11.5.1-5.20
  • libsss_nss_idmap0 >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • libipa_hbac-devel >= 1.11.5.1-14.1
  • libsss_idmap-devel >= 1.11.5.1-14.1
  • libsss_nss_idmap-devel >= 1.11.5.1-14.1
  • libsss_nss_idmap0 >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • libipa_hbac-devel >= 1.13.4-18.10
  • libsss_idmap-devel >= 1.13.4-18.10
  • libsss_nss_idmap-devel >= 1.13.4-18.10
  • libsss_nss_idmap0 >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP3
  • libipa_hbac-devel >= 1.13.4-33.2
  • libsss_idmap-devel >= 1.13.4-33.2
  • libsss_nss_idmap-devel >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA libipa_hbac-devel
openSUSE 11.3
  • libcollection1-debuginfo >= 0.4.0-2.3.1
  • libdhash1-debuginfo >= 0.4.0-2.3.1
  • libini_config1-debuginfo >= 0.4.0-2.3.1
  • python-sssd-config-debuginfo >= 1.1.0-2.3.1
  • sssd-debuginfo >= 1.1.0-2.3.1
  • sssd-debuginfo-32bit >= 1.1.0-2.3.1
  • sssd-debugsource >= 1.1.0-2.3.1
  • sssd-ipa-provider-debuginfo >= 1.1.0-2.3.1
  • sssd-tools-debuginfo >= 1.1.0-2.3.1
openSUSE 11.3
  • libcollection-devel >= 0.4.0-2.3.1
  • libcollection1 >= 0.4.0-2.3.1
  • libdhash-devel >= 0.4.0-2.3.1
  • libdhash1 >= 0.4.0-2.3.1
  • libini_config-devel >= 0.4.0-2.3.1
  • libini_config1 >= 0.4.0-2.3.1
  • python-sssd-config >= 1.1.0-2.3.1
  • sssd >= 1.1.0-2.3.1
  • sssd-32bit >= 1.1.0-2.3.1
  • sssd-ipa-provider >= 1.1.0-2.3.1
  • sssd-tools >= 1.1.0-2.3.1
openSUSE Leap 42.1
  • libsss_idmap0 >= 1.11.5.1-5.1
  • sssd >= 1.11.5.1-5.1
  • sssd-32bit >= 1.11.5.1-5.1
  • sssd-krb5-common >= 1.11.5.1-5.1
  • sssd-ldap >= 1.11.5.1-5.1
Patchnames:
openSUSE Leap 42.1 GA libsss_idmap0
openSUSE Leap 42.2
  • libsss_idmap0 >= 1.13.4-1.5
  • libsss_sudo >= 1.13.4-1.5
  • sssd >= 1.13.4-1.5
  • sssd-32bit >= 1.13.4-1.5
  • sssd-krb5-common >= 1.13.4-1.5
  • sssd-ldap >= 1.13.4-1.5
Patchnames:
openSUSE Leap 42.2 GA libsss_idmap0
openSUSE Leap 42.3
  • libsss_idmap0 >= 1.13.4-7.5
  • libsss_sudo >= 1.13.4-7.5
  • sssd >= 1.13.4-7.5
  • sssd-32bit >= 1.13.4-7.5
  • sssd-krb5-common >= 1.13.4-7.5
  • sssd-ldap >= 1.13.4-7.5
Patchnames:
openSUSE Leap 42.3 GA libsss_idmap0
openSUSE Tumbleweed
  • libipa_hbac-devel >= 1.14.2-3.1
  • libipa_hbac0 >= 1.14.2-3.1
  • libnfsidmap-sss >= 1.14.2-3.1
  • libsss_idmap-devel >= 1.14.2-3.1
  • libsss_idmap0 >= 1.14.2-3.1
  • libsss_nss_idmap-devel >= 1.14.2-3.1
  • libsss_nss_idmap0 >= 1.14.2-3.1
  • libsss_simpleifp-devel >= 1.14.2-3.1
  • libsss_simpleifp0 >= 1.14.2-3.1
  • python-ipa_hbac >= 1.14.2-3.1
  • python-sss-murmur >= 1.14.2-3.1
  • python-sss_nss_idmap >= 1.14.2-3.1
  • python-sssd-config >= 1.14.2-3.1
  • python3-ipa_hbac >= 1.14.2-3.1
  • python3-sss-murmur >= 1.14.2-3.1
  • python3-sss_nss_idmap >= 1.14.2-3.1
  • python3-sssd-config >= 1.14.2-3.1
  • sssd >= 1.14.2-3.1
  • sssd-32bit >= 1.14.2-3.1
  • sssd-ad >= 1.14.2-3.1
  • sssd-dbus >= 1.14.2-3.1
  • sssd-ipa >= 1.14.2-3.1
  • sssd-krb5 >= 1.14.2-3.1
  • sssd-krb5-common >= 1.14.2-3.1
  • sssd-ldap >= 1.14.2-3.1
  • sssd-proxy >= 1.14.2-3.1
  • sssd-tools >= 1.14.2-3.1
  • sssd-wbclient >= 1.14.2-3.1
  • sssd-wbclient-devel >= 1.14.2-3.1
  • sssd-winbind-idmap >= 1.14.2-3.1
Patchnames:
openSUSE Tumbleweed GA libipa_hbac-devel