CVE-2017-12173 Amazon Linux Security Advisory for sssd: ALAS-2017-935

漏洞类别:Amazon Linux

漏洞等级:

漏洞信息

Unsanitized input when searching in local cache database
It was found that sssd’s sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it. (CVE-2017-12173 )

QID Detection Logic:
This authenticated QID verifies if the version of the following files is lesser than 1.15.2-50.34.amzn1: sssd-krb5,sssd-proxy,libsss_simpleifp-devel,sssd-krb5-common,libsss_idmap-devel,libsss_autofs,sssd-common-pac,libsss_nss_idmap-devel,sssd-debuginfo,python27-libipa_hbac,sssd-ad,sssd-common,python27-sss-murmur,sssd-winbind-idmap,sssd,python27-sss,sssd-libwbclient,sssd-dbus,libsss_certmap,libsss_nss_idmap,libipa_hbac-devel,libsss_certmap-devel,libsss_sudo,sssd-libwbclient-devel,python27-libsss_nss_idmap,libipa_hbac,libsss_simpleifp,sssd-ipa,sssd-client,sssd-ldap,libsss_idmap,sssd-tools,python27-sssdconfig

漏洞危害

Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.

解决方案

Please refer to Amazon advisory ALAS-2017-935 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ALAS-2017-935: Amazon Linux (sssd (1.15.2-50.34.amzn1) on noarch)

ALAS-2017-935: Amazon Linux (sssd (1.15.2-50.34.amzn1) on x86_64)

ALAS-2017-935: Amazon Linux (sssd (1.15.2-50.34.amzn1) on src)

ALAS-2017-935: Amazon Linux (sssd (1.15.2-50.34.amzn1) on i686)

Leave a Reply