Vulnerabilities > Fedorahosted
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-04-09 | CVE-2012-6097 | Information Exposure vulnerability in Fedorahosted Cronie 1.4.8 File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab. | 4.3 |
| 2011-01-25 | CVE-2010-4341 | Resource Management Errors vulnerability in multiple products The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet. | 2.1 |
| 2009-09-29 | CVE-2009-2905 | Buffer Errors vulnerability in Fedorahosted Newt 0.51.5/0.51.6/0.52.2 Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box. | 4.6 |
| 2009-07-30 | CVE-2009-2410 | Improper Authentication vulnerability in Fedorahosted Sssd 0.4.1 The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. | 7.5 |