{"id":"UBUNTU-CVE-2013-0287","details":"The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.","modified":"2025-07-16T07:17:04.705456Z","published":"2013-03-21T16:55:00Z","withdrawn":"2025-07-18T16:42:49Z","upstream":["CVE-2013-0287"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2013-0287"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2013/03/20/12"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2013-0287"}],"affected":[{"package":{"name":"sssd","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/sssd@1.11.4-1ubuntu2?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.11.4-1ubuntu2"}]}],"versions":["1.11.1-0ubuntu1","1.11.2-1","1.11.3-1","1.11.4-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.11.4-1ubuntu2","binary_name":"libipa-hbac-dev"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libipa-hbac0"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libnss-sss"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libpam-sss"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libsss-idmap-dev"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libsss-idmap0"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libsss-nss-idmap-dev"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libsss-nss-idmap0"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"libsss-sudo"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"python-libipa-hbac"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"python-libsss-nss-idmap"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"python-sss"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-ad"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-ad-common"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-common"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-ipa"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-krb5"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-krb5-common"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-ldap"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-proxy"},{"binary_version":"1.11.4-1ubuntu2","binary_name":"sssd-tools"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-0287.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"medium"}]}