CVE-2013-0220

Publication date 24 February 2013

Last updated 24 July 2024


Ubuntu priority

The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.

Status

Package Ubuntu Release Status
sssd 17.04 zesty
Fixed 1.9.3-0ubuntu2
16.10 yakkety
Fixed 1.9.3-0ubuntu2
16.04 LTS xenial
Fixed 1.9.3-0ubuntu2
15.10 wily
Fixed 1.9.3-0ubuntu2
15.04 vivid
Fixed 1.9.3-0ubuntu2
14.10 utopic
Fixed 1.9.3-0ubuntu2
14.04 LTS trusty
Fixed 1.9.3-0ubuntu2
13.10 saucy
Fixed 1.9.3-0ubuntu2
13.04 raring
Fixed 1.9.3-0ubuntu2
12.10 quantal Ignored end of life
12.04 LTS precise Ignored end of life
11.10 oneiric Ignored end of life
10.04 LTS lucid Ignored end of life
8.04 LTS hardy Not in release