CVE-2010-4341
Published: 25 January 2011
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
Priority
Status
Package | Release | Status |
---|---|---|
sssd Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Not vulnerable
(1.2.1-4.1ubuntu3)
|
|
oneiric |
Not vulnerable
|
|
upstream |
Released
(1.2.1-4.1)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2011-0560.html |