An issue exists in SaltStack Salt prior to 2019.2.4 and 3000 prior to 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
Vulnerable Product |
---|
saltstack salt |
opensuse leap 15.1 |
debian debian linux 8.0 |
debian debian linux 9.0 |
debian debian linux 10.0 |
canonical ubuntu linux 18.04 |
canonical ubuntu linux 16.04 |
blackberry workspaces server 9.1.0 |
blackberry workspaces server |
vmware application remote collector 8.0.0 |
vmware application remote collector 7.5.0 |
Plus other news from infosec land this week
Roundup Six Cisco-operated servers were hacked via SaltStack security vulnerabilities, the networking giant revealed this week. The compromised systems act as the salt-master servers for releases 1.2 and 1.3 of Cisco's Virtual Internet Routing Lab Personal Edition (VIRL-PE) product, and customer installations connect to these Cisco-maintained backend boxes. SaltStack is a tool for managing software running on remote systems, and issued security patches at the end of April for two vulnerabilities...
Nothing too scary. Plus updates from SAP, Adobe, VMware
One malicious MMS is all it takes to pwn a Samsung smartphone: Bug squashed amid Android patch batch
Patch Tuesday The May edition of Patch Tuesday landed this week. And there are scores of security fixes to install. A total of 111 fixes were released by Microsoft, though on the bright side none are being actively exploited, as far as we know. Sixteen earned Microsoft's top rating of critical, and range from remote code execution to elevation of privilege. One standout programming blunder was CVE-2020-1067, a remote-code execution (RCE) vulnerability in all supported versions of Windows. Anyone...
Miscreants too busy mining for crypto to notice the gold lying around them?
DigiCert, slinger of SSL/TLS certificates, has warned that it too has suffered at the hands of Salty miscreants as a key used for Signed Certificate Timestamps (SCT) was potentially compromised. The company joins Ghost.org and LineageOS in being the target of ne'er-do-wells as attackers exploited a disclosed (and patched) vulnerability in the Salt configuration tool over the weekend, spraying exposed infrastructure with cryptocurrency mining software. Salt, which as we reported, disclosed the bu...
'The impact is full remote command execution as root on both master and all minions'
The Salt configuration tool has patched two vulnerabilities whose combined effect was to expose Salt installations to complete control by an attacker. A patch for the issues was released last night, but systems that are not set to auto-update may still be vulnerable. The vulnerabilities were discovered by security company F-Secure and assigned CVE numbers CVE-2020-11651 and CVE-2020-11652. They are patched in Salt 3000.2 and, for the previous stable release, 2019.2.4. Older releases will have to...