Bug 660481 (CVE-2010-4341)

Summary: VUL-0: CVE-2010-4341: sssd DoS
Product: [Novell Products] SUSE Security Incidents
Reporter: Ludwig Nussel <lnussel>
Component: General
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: meissner, ralf, security-team
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard: .
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Ludwig Nussel 2010-12-20 08:39:25 UTC
Your friendly security team received the following report via vendor-sec.
Please respond ASAP.
This issue is not public yet, please keep any information about it inside SUSE.
Note that build.opensuse.org *cannot* be used to prepare embargoed updates.

CRD 11.1.
CVE-2010-4341

------------------------------------------------------------------------------
Date: Fri, 17 Dec 2010 14:22:49 -0700
From: Vincent Danen <vdanen@redhat.com>
[...]
Sebastian Krahmer discovered that it was possible to make sssd hang
forever inside a loop in the pam_parse_in_data_v2() function of SSSD's
PAM responder by using a carefully crafted packet to sssd.  This could
be exploited by a local attacker to crash sssd and prevent other
legitimate users from logging into the system.
Comment 4 Ralf Haferkamp 2011-01-14 09:31:35 UTC
As this just appeared in the upstream git, I guess this can now be considered public? And I can submit the package to Factory?

I have yet to check if the version we ship in 11.3 is affected by this as well.
Comment 5 Ludwig Nussel 2011-01-14 10:04:22 UTC
It's public, yes.
Comment 6 Ralf Haferkamp 2011-01-14 10:15:33 UTC
11.3 (sssd-1.1.0) seems to be affected as well. Please provide me a Swamp-ID.
Comment 7 Thomas Biege 2011-01-14 10:31:35 UTC
CVE-2010-4341: CVSS v2 Base Score: 2.1 (low) (AV:L/AC:L/Au:N/C:N/I:N/A:P): unknown (unknown)

Swamp-ID will come shortly...
Comment 8 Swamp Workflow Management 2011-01-14 10:34:16 UTC
The SWAMPID for this issue is 38231.
This issue was rated as low.
Please submit fixed packages until 2011-02-11.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 9 Ralf Haferkamp 2011-01-18 10:15:13 UTC
Packages submitted to Factory (SR#58672) and 11.3 (SR#58669)
Comment 10 Swamp Workflow Management 2011-01-19 11:36:18 UTC
Update released for: libcollection-devel, libcollection1, libcollection1-debuginfo, libdhash-devel, libdhash1, libdhash1-debuginfo, libini_config-devel, libini_config1, libini_config1-debuginfo, python-sssd-config, python-sssd-config-debuginfo, sssd, sssd-debuginfo, sssd-debugsource, sssd-ipa-provider, sssd-ipa-provider-debuginfo, sssd-tools, sssd-tools-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
Comment 11 Sebastian Krahmer 2011-01-19 11:36:47 UTC
done
Comment 12 Bernhard Wiedemann 2017-12-01 15:40:50 UTC
This is an autogenerated message for OBS integration:
This bug (660481) was mentioned in
https://build.opensuse.org/request/show/547139 Factory / sssd