Lucene search
PRIOn knowledge basePRION:CVE-2019-3811HistoryJan 15, 2019 - 3:29 p.m.
Design/Logic Flaw
2019-01-1515:29:00
PRIOn knowledge base
www.prio-n.com
8
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return ‘/’ (the root directory) instead of ‘’ (the empty string / no home directory). This could impact services that restrict the user’s filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| sssd | lt | 2.1 | |
| leap | eq | 42.3 | |
| leap | eq | 15.0 | |
| enterprise_linux | eq | 7.0 |
References
lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html
lists.opensuse.org/opensuse-security-announce/2019-04/msg00045.html
www.securityfocus.com/bid/106644
access.redhat.com/errata/RHSA-2019:2177
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3811
lists.debian.org/debian-lts-announce/2019/01/msg00011.html
lists.debian.org/debian-lts-announce/2023/05/msg00028.html
Related
openvas
openvas
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-1754)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0542-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-1660)
2020-01-23 00:00:00
nessus
nessus
openSUSE Security Update : sssd (openSUSE-2019-344)
2019-03-19 00:00:00
EulerOS 2.0 SP2 : sssd (EulerOS-SA-2019-1754)
2019-07-22 00:00:00
Debian DLA-1635-1 : sssd security update
2019-01-18 00:00:00
veracode
veracode
Unauthorised Access
2019-08-08 00:07:55
suse
suse
Recommended update for adcli, sssd (moderate)
2019-04-08 00:00:00
Security update for sssd (moderate)
2019-03-18 00:00:00
cvelist
cvelist
CVE-2019-3811
2019-01-15 15:00:00
debian
debian
[SECURITY] [DLA 1635-1] sssd security update
2019-01-17 12:34:29
[SECURITY] [DLA 3436-1] sssd security update
2023-05-29 13:43:53
redhatcve
redhatcve
CVE-2019-3811
2019-01-11 18:26:42
osv
osv
sssd - security update
2019-01-17 00:00:00
sssd vulnerabilities
2021-09-08 11:40:23
sssd - security update
2023-05-29 00:00:00
cve
cve
CVE-2019-3811
2019-01-15 15:29:00
ubuntucve
ubuntucve
CVE-2019-3811
2019-01-15 00:00:00
nvd
nvd
CVE-2019-3811
2019-01-15 15:29:00
debiancve
debiancve
CVE-2019-3811
2019-01-15 15:29:00
oraclelinux
oraclelinux
sssd security, bug fix, and enhancement update
2019-08-13 00:00:00
mageia
mageia
Updated ldb packages fix security vulnerability
2019-05-08 00:38:09
centos
centos
redhat
redhat
(RHSA-2019:2177) Moderate: sssd security, bug fix, and enhancement update
2019-08-06 08:10:08
rosalinux
rosalinux
Advisory ROSA-SA-2021-1977
2021-07-02 18:10:53
amazon
amazon
Medium: sssd
2019-10-08 21:07:00
Medium: sssd
2019-10-28 17:45:00
ubuntu
ubuntu
SSSD vulnerabilities
2021-09-08 00:00:00