FreeBSD : salt -- multiple vulnerabilities (50127e44-7b88-4ade-8e12-5d57320823f1)

critical Nessus Plugin ID 104759

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

SaltStack reports :

Directory traversal vulnerability in minion id validation in SaltStack. Allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. Credit for discovering the security flaw goes to: Julian Brost ([email protected]). NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.

Remote Denial of Service with a specially crafted authentication request. Credit for discovering the security flaw goes to: Julian Brost ([email protected])

Solution

Update the affected packages.

See Also

https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html

https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.8.html

http://www.nessus.org/u?e282fff1

http://www.nessus.org/u?eb9d9f53

http://www.nessus.org/u?6d13c7fd

Plugin Details

Severity: Critical

ID: 104759

File Name: freebsd_pkg_50127e447b884ade8e125d57320823f1.nasl

Version: 3.4

Type: local

Published: 11/27/2017

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:py27-salt, p-cpe:/a:freebsd:freebsd:py32-salt, p-cpe:/a:freebsd:freebsd:py33-salt, p-cpe:/a:freebsd:freebsd:py34-salt, p-cpe:/a:freebsd:freebsd:py35-salt, p-cpe:/a:freebsd:freebsd:py36-salt, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 11/23/2017

Vulnerability Publication Date: 10/9/2017

Reference Information

CVE: CVE-2017-14695, CVE-2017-14696