CVE-2010-4341
published 2011-01-25CVE-2010-4341: The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of…
low2.1CVSS 3.1
AVLACLAuNCNINAP
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | sssd | < sssd 1.2.1-4.1 (bookworm) | sssd 1.2.1-4.1 (bookworm) |
| fedorahosted | sssd | — | — |
| fedorahosted | sssd | — | — |
| fedoraproject | sssd | — | — |
| fedoraproject | sssd | — | — |
| fedoraproject | sssd | >= 0 < 1.2.1-4.1 | 1.2.1-4.1 |
| fedoraproject | sssd | >= 0 < 1.2.1-4.1 | 1.2.1-4.1 |
| fedoraproject | sssd | >= 0 < 1.2.1-4.1 | 1.2.1-4.1 |
| fedoraproject | sssd | >= 0 < 1.2.1-4.1 | 1.2.1-4.1 |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv2.1LOW