Published: 11/06/2014 Updated: 22/04/2019

CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4

VMScore: 294

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N

The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux 5
fedoraproject sssd 1.11.6
redhat enterprise linux 6.0

Debian Bug report logs - #749569 sssd: CVE-2014-0249 Package: sssd; Maintainer for sssd is Debian SSSD Team <pkg-sssd-devel@alioth-listsdebiannet>; Source for sssd is src:sssd (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 28 May 2014 07:18:02 UTC Severity: important Fixed in v ...

The System Security Services Daemon (SSSD) 1116 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors ...

CWE-264 https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019495.html https://bugzilla.redhat.com/show_bug.cgi?id=1101751 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749569 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-0249

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-0249

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect