
Bug #6803

[3.5] salt: multiple issues (CVE-2017-5192, CVE-2017-5200)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status: Closed
Priority: Normal
Assignee: -
Category: Security
Target version: -
Start date: 02/02/2017
Due date: -
% Done: 100%
Estimated time: -
Affected versions: -
Security IDs: -

Description

CVE-2017-5192: local_batch client external authentication not respected

The `LocalClient.cmd_batch()` client method does not accept `external_auth` credentials, so access to it from salt-api has been
removed for now. This vulnerability allows code execution for already-authenticated users and is only in effect when running salt-api as the `root` user.

Fixed In Version:

salt 2015.8.13, salt 2016.3.5, salt 2016.11.2

Reference:

https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html

CVE-2017-5200: Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client

Users of Salt-API and salt-ssh could execute a command on
the salt master via a hole when both systems were enabled.

Fixed In Version:

salt 2015.8.13, salt 2016.3.5, salt 2016.11.2

Reference:

https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
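The two advisories above only list fixed-in versions and the conditions under which each issue applies (salt-api running as `root` for CVE-2017-5192; salt-api and salt-ssh both enabled for CVE-2017-5200). The following is an added example, not code from this bug report or from Salt itself, that turns those facts into a triage check a defender can run against an installed version string. It assumes Salt's `YYYY.MM.PATCH` version scheme (for example `2016.11.2`) and that salt-api is in use; the `is_affected` and `applicable_cves` function names and the sample inputs are constructed for this example.

```python
# Added example (not part of the Alpine bug report or of Salt's own code):
# decide whether an installed Salt version is still exposed to CVE-2017-5192
# and CVE-2017-5200, using only the fixed versions and conditions stated in
# the report. Version strings are assumed to follow Salt's YYYY.MM.PATCH
# scheme; all sample inputs below are constructed.

from typing import List, Optional, Tuple

# Fixed-in versions from the report, keyed by release branch (year, month).
FIXED_VERSIONS = {
    (2015, 8): (2015, 8, 13),
    (2016, 3): (2016, 3, 5),
    (2016, 11): (2016, 11, 2),
}


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse 'YYYY.MM.PATCH'; a missing patch component counts as 0."""
    parts = version.strip().split(".")
    if len(parts) not in (2, 3) or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Salt version string: {version!r}")
    year, month = int(parts[0]), int(parts[1])
    patch = int(parts[2]) if len(parts) == 3 else 0
    return year, month, patch


def is_affected(version: str) -> Optional[bool]:
    """True if the version is below the fix for its branch, False if it is at
    or above the fix, None if the branch is not one the report covers (the
    report says nothing about other release lines, so we do not guess)."""
    year, month, patch = parse_version(version)
    fixed = FIXED_VERSIONS.get((year, month))
    if fixed is None:
        return None
    return (year, month, patch) < fixed


def applicable_cves(version: str, api_runs_as_root: bool,
                    salt_ssh_enabled: bool) -> Optional[List[str]]:
    """List the CVEs from the report that apply to a deployment running
    salt-api on this version. Per the report, CVE-2017-5192 is only in effect
    when salt-api runs as root, and CVE-2017-5200 needs salt-api and salt-ssh
    both enabled. Returns None when the version branch is not covered."""
    affected = is_affected(version)
    if affected is None:
        return None
    if not affected:
        return []
    cves = []
    if api_runs_as_root:
        cves.append("CVE-2017-5192")
    if salt_ssh_enabled:
        cves.append("CVE-2017-5200")
    return cves


if __name__ == "__main__":
    # Constructed sample deployments, one per branch plus an uncovered one.
    for ver, as_root, ssh in [("2016.11.1", True, True), ("2016.3.4", False, True),
                              ("2015.8.13", True, True), ("2017.7.0", True, True)]:
        print(ver, "->", applicable_cves(ver, as_root, ssh))
```

A result of `None` means the version is on a release line the report does not mention, so the check deliberately refuses to call it safe; the Alpine fix referenced in this ticket moved `community/salt` to 2016.11.2, which this check reports as not affected.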

Associated revisions

Revision e8237cd8 (diff)
Added by Sergei Lukin over 2 years ago

community/salt: security upgrade to 2016.11.2 - fixes #6803

CVE-2017-5192: local_batch client external authentication not respected
CVE-2017-5200: Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client

History

#1 Updated by Sergei Lukin over 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed
