CVE-2013-0219

System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
fedoraprojectsssd
𝑥
≤ 1.9.3
fedoraprojectsssd
0.2.1
fedoraprojectsssd
0.3.0
fedoraprojectsssd
0.3.1
fedoraprojectsssd
0.3.2
fedoraprojectsssd
0.3.3
fedoraprojectsssd
0.4.0
fedoraprojectsssd
0.4.1
fedoraprojectsssd
0.5.0
fedoraprojectsssd
0.6.0
fedoraprojectsssd
0.6.1
fedoraprojectsssd
0.7.0
fedoraprojectsssd
0.7.1
fedoraprojectsssd
0.99.0
fedoraprojectsssd
0.99.1
fedoraprojectsssd
1.0.0
fedoraprojectsssd
1.0.1
fedoraprojectsssd
1.0.2
fedoraprojectsssd
1.0.3
fedoraprojectsssd
1.0.4
fedoraprojectsssd
1.0.5
fedoraprojectsssd
1.0.6
fedoraprojectsssd
1.0.99
fedoraprojectsssd
1.1.0
fedoraprojectsssd
1.1.1
fedoraprojectsssd
1.1.2
fedoraprojectsssd
1.1.91
fedoraprojectsssd
1.1.92
fedoraprojectsssd
1.2.0
fedoraprojectsssd
1.2.1
fedoraprojectsssd
1.2.2
fedoraprojectsssd
1.2.3
fedoraprojectsssd
1.2.4
fedoraprojectsssd
1.2.91
fedoraprojectsssd
1.3.0
fedoraprojectsssd
1.3.1
fedoraprojectsssd
1.4.0
fedoraprojectsssd
1.4.1
fedoraprojectsssd
1.5.0
fedoraprojectsssd
1.5.1
fedoraprojectsssd
1.5.2
fedoraprojectsssd
1.5.3
fedoraprojectsssd
1.5.4
fedoraprojectsssd
1.5.5
fedoraprojectsssd
1.5.6
fedoraprojectsssd
1.5.6.1
fedoraprojectsssd
1.5.7
fedoraprojectsssd
1.5.8
fedoraprojectsssd
1.5.9
fedoraprojectsssd
1.5.10
fedoraprojectsssd
1.5.11
fedoraprojectsssd
1.5.12
fedoraprojectsssd
1.5.13
fedoraprojectsssd
1.5.14
fedoraprojectsssd
1.5.15
fedoraprojectsssd
1.5.16
fedoraprojectsssd
1.5.17
fedoraprojectsssd
1.6.0
fedoraprojectsssd
1.6.1
fedoraprojectsssd
1.6.2
fedoraprojectsssd
1.6.3
fedoraprojectsssd
1.6.4
fedoraprojectsssd
1.7.0
fedoraprojectsssd
1.8.0
fedoraprojectsssd
1.8.0:beta1
fedoraprojectsssd
1.8.0:beta2
fedoraprojectsssd
1.8.0:beta3
fedoraprojectsssd
1.8.1
fedoraprojectsssd
1.8.2
fedoraprojectsssd
1.8.3
fedoraprojectsssd
1.8.4
fedoraprojectsssd
1.8.5
fedoraprojectsssd
1.8.6
fedoraprojectsssd
1.9.0
fedoraprojectsssd
1.9.1
fedoraprojectsssd
1.9.2
redhatenterprise_linux
6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
sssd
bookworm
2.8.2-4
fixed
bullseye
2.4.1-2
fixed
sid
2.9.5-3
fixed
squeeze
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sssd
hardy
dne
lucid
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
Fixed 1.9.3-0ubuntu2
released
saucy
Fixed 1.9.3-0ubuntu2
released
trusty
Fixed 1.9.3-0ubuntu2
released
utopic
Fixed 1.9.3-0ubuntu2
released
vivid
Fixed 1.9.3-0ubuntu2
released
wily
Fixed 1.9.3-0ubuntu2
released
xenial
Fixed 1.9.3-0ubuntu2
released
yakkety
Fixed 1.9.3-0ubuntu2
released
zesty
Fixed 1.9.3-0ubuntu2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libipa_hbac-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libipa_hbac0
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_certmap-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_certmap0
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_idmap-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_idmap0
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_nss_idmap-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_nss_idmap0
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_simpleifp-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
libsss_simpleifp0
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
python-sssd-config
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
python3-sssd-config
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-32bit
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-ad
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-dbus
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-ipa
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-krb5
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-krb5-common
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-ldap
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-proxy
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-tools
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 12 SP5
1.16.1-4.17.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 12 SP5
1.16.1-4.17.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-wbclient
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
sssd-wbclient-devel
suse enterprise desktop 15
1.16.1-1.22
fixed
suse enterprise desktop 15 SP1
1.16.1-3.18.1
fixed
suse enterprise sap 15
1.16.1-1.22
fixed
suse enterprise sap 15 SP1
1.16.1-3.18.1
fixed
suse enterprise server 15
1.16.1-1.22
fixed
suse enterprise server 15 SP1
1.16.1-3.18.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
libipa
RHEL 6
0:1.9.2-82.el6
fixed
libsss
RHEL 6
0:1.9.2-82.el6
fixed
sssd
RHEL 6
0:1.9.2-82.el6
fixed
sssd-client
RHEL 6
0:1.9.2-82.el6
fixed
sssd-tools
RHEL 6
0:1.9.2-82.el6
fixed
Common Weakness Enumeration
References
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html
http://rhn.redhat.com/errata/RHSA-2013-0508.html
http://rhn.redhat.com/errata/RHSA-2013-1319.html
http://secunia.com/advisories/51928
http://secunia.com/advisories/52315
http://www.securityfocus.com/bid/57539
https://bugzilla.redhat.com/show_bug.cgi?id=884254
https://fedorahosted.org/sssd/ticket/1782
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html
http://rhn.redhat.com/errata/RHSA-2013-0508.html
http://rhn.redhat.com/errata/RHSA-2013-1319.html
http://secunia.com/advisories/51928
http://secunia.com/advisories/52315
http://www.securityfocus.com/bid/57539
https://bugzilla.redhat.com/show_bug.cgi?id=884254
https://fedorahosted.org/sssd/ticket/1782
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4