UBUNTU-CVE-2013-0287

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2013-0287
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-0287.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2013-0287
Upstream
  • CVE-2013-0287
Withdrawn
2025-07-18T16:42:49Z
Published
2013-03-21T16:55:00Z
Modified
2025-07-16T07:17:04.705456Z
Severity
  • Ubuntu - medium
Summary
[none]
Details

The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simpledenygroups option, which allows remote authenticated users to bypass intended access restrictions.

References

Affected packages

Ubuntu:14.04:LTS / sssd

Package

Name
sssd
Purl
pkg:deb/ubuntu/sssd@1.11.4-1ubuntu2?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.4-1ubuntu2

Affected versions

1.*
1.11.1-0ubuntu1
1.11.2-1
1.11.3-1
1.11.4-1ubuntu1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libipa-hbac-dev",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libipa-hbac0",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libnss-sss",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libpam-sss",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libsss-idmap-dev",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libsss-idmap0",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libsss-nss-idmap-dev",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libsss-nss-idmap0",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "libsss-sudo",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "python-libipa-hbac",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "python-libsss-nss-idmap",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "python-sss",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-ad",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-ad-common",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-common",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-ipa",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-krb5",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-krb5-common",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-ldap",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-proxy",
            "binary_version": "1.11.4-1ubuntu2"
        },
        {
            "binary_name": "sssd-tools",
            "binary_version": "1.11.4-1ubuntu2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-0287.json"