VDB

GCVE-110-MAGEIA-2017-421

GCVE-110-MAGEIA-2017-421
Advisory Published
Vulnetix · Advisory published November 20, 2017
SSSD stores its cached data in an LDAP like local database file using libldb. To lookup cached data LDAP search filters like '(objectClass=user) (name=user_name)' are used. However, in sysdb_search_user_by_upn_res(), the input is not sanitized and allows to manipulate the search filter for cache lookups. This would allow a logged in user to discover the password hash of a different user (CVE-2017-12173).

Affected Products

VendorProductVersionsPlatforms
Mageiasssd0 (affected), 1.13.4-9.1.mga6 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›