Vendor
Fedorahosted
Products
3
CVEs
5
Across products
8
Status
Private
Products
3- 3 CVEs
- 3 CVEs
- 2 CVEs
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-6097 | 0.00 | — | 0.00 | Apr 9, 2013 | File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab. | ||
| CVE-2010-4341 | 0.00 | — | 0.00 | Jan 25, 2011 | The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet. | ||
| CVE-2010-0424 | 0.00 | — | 0.00 | Feb 25, 2010 | The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory. | ||
| CVE-2009-2905 | 0.00 | — | 0.00 | Sep 29, 2009 | Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box. | ||
| CVE-2009-2410 | 0.00 | — | 0.00 | Jul 30, 2009 | The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. |