CVE-2018-16838

Related Files

Ubuntu Security Notice USN-5067-1

Posted Sep 8, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2018-10852, CVE-2018-16838, CVE-2019-3811, CVE-2021-3621

SHA-256 | 57bb124cbecf36bdb8d4f0c37b6abc7cd806b1d2b852b746eea1be28e8aa2a43

Download | Favorite | View

Red Hat Security Advisory 2019-3651-01

Posted Nov 6, 2019

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3651-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

tags | advisory, remote

systems | linux, redhat

advisories | CVE-2018-16838

SHA-256 | a5ee9bae83efc8209ebfcf1f02cc05de78f8e8ba790213ce41761ce98be4b846

Download | Favorite | View

Red Hat Security Advisory 2019-2437-01

Posted Aug 12, 2019

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2437-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service

systems | linux, redhat

advisories | CVE-2018-16838, CVE-2018-16881, CVE-2019-0161, CVE-2019-10139, CVE-2019-10160, CVE-2019-1559

SHA-256 | f40cbaf735073c48fac04cf4f3c79efaa6a492f90523a8288de1eab0cd4f7637

Download | Favorite | View

Red Hat Security Advisory 2019-2177-01

Posted Aug 6, 2019

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2177-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

tags | advisory, remote

systems | linux, redhat

advisories | CVE-2018-16838, CVE-2019-3811

SHA-256 | 17521e7b7450fa21699fd9253a26117e0161ee713a65d4d936107eff6c44a89a

Download | Favorite | View