Kerberos Authentication Bypass Vulnerability in SSSD

Kerberos Authentication Bypass Vulnerability in SSSD

CVE-2011-1758 · LOW Severity

AV:L/AC:H/AU:N/C:P/I:P/A:P

The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.

Learn more about our User Device Pen Test.