[VIM] [CVENEW] New CVE CANs: 2013/03/21 12:00 ; count=1

coley at mitre.org coley at mitre.org
Thu Mar 21 11:04:26 CDT 2013 

======================================================
Name: CVE-2013-0287
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0287
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121206
Category: 
Reference: MLIST:[sssd-devel] 20130319 [SSSD] A security bug in SSSD 1.9 (CVE-2013-0287)
Reference: URL:https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html
Reference: MISC:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93
Reference: CONFIRM:http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1
Reference: REDHAT:RHSA-2013:0663
Reference: URL:http://rhn.redhat.com/errata/RHSA-2013-0663.html
Reference: BID:58593
Reference: URL:http://www.securityfocus.com/bid/58593
Reference: SECTRACK:1028317
Reference: URL:http://securitytracker.com/id?1028317
Reference: SECUNIA:52704
Reference: URL:http://secunia.com/advisories/52704
Reference: SECUNIA:52722
Reference: URL:http://secunia.com/advisories/52722

The Simple Access Provider in System Security Services Daemon (SSSD)
1.9.0 through 1.9.4, when the Active Directory provider is used, does
not properly enforce the simple_deny_groups option, which allows
remote authenticated users to bypass intended access restrictions.

More information about the VIM mailing list