FreeBSD : cloud-init -- Wrong access permissions of authorized keys (8899298f-5a92-11eb-8558-3085a9a47796)

high Nessus Plugin ID 145187

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

cloud-init reports:

cloud-init release 20.4.1 is now available. This is a hotfix release that contains a single patch to address a security issue in cloud-init 20.4.

Briefly, for users who provide more than one unique SSH key to cloud-init and have a shared AuthorizedKeysFile configured in sshd_config, cloud-init 20.4 started writing all of these keys to such a file, granting all such keys SSH access as root.

It's worth restating this implication: if you are using the default AuthorizedKeysFile setting in /etc/ssh/sshd_config, as most will be, then you are _not_ affected by this issue.
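To decide whether a host meets the configuration condition described above, the following added example (not part of the cloud-init advisory or the Nessus plugin) scans sshd_config text for AuthorizedKeysFile entries that resolve to one file for every user. It assumes "shared" means an absolute path with no `%h`, `%u` or `%U` token, treats directives inside Match blocks like any other, and does not follow Include files; the function name and sample configurations are constructed for illustration.

```python
import re
import shlex
import sys

# Tokens sshd expands per user in AuthorizedKeysFile (see sshd_config(5)).
PER_USER_TOKENS = ("%h", "%u", "%U")
# Keyword and arguments are separated by whitespace or by a single "=".
LINE = re.compile(r"^([A-Za-z]+)(?:\s*=\s*|\s+)(.*)$")


def shared_authorized_keys_paths(config_text):
    """Return AuthorizedKeysFile paths that point at one file for all users.

    Assumption: a path is "shared" when it is absolute and contains no
    per-user token. Relative paths are resolved against each user's home
    directory by sshd, so they are per-user. Include files are not followed.
    """
    shared = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives leave sshd's default in place
        match = LINE.match(line)
        if not match or match.group(1).lower() != "authorizedkeysfile":
            continue
        try:
            paths = shlex.split(match.group(2), comments=True)
        except ValueError:
            continue  # unbalanced quotes: sshd would reject this line too
        for path in paths:
            if path.lower() == "none":
                continue  # "none" disables key files entirely
            literal = path.replace("%%", "")  # "%%" is a literal percent sign
            if path.startswith("/") and not any(t in literal for t in PER_USER_TOKENS):
                shared.append(path)
    return shared


# Constructed sample configurations (not taken from any real host).
DEFAULT_CONFIG = "#AuthorizedKeysFile .ssh/authorized_keys\nPermitRootLogin no\n"
SHARED_CONFIG = "AuthorizedKeysFile /etc/ssh/authorized_keys .ssh/authorized_keys\n"
PER_USER_CONFIG = "AuthorizedKeysFile\t/etc/ssh/keys/%u\n"
MATCH_CONFIG = "Match Group admins\n    authorizedkeysfile = /etc/ssh/admin_keys\n"

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/ssh/sshd_config"
    with open(path, encoding="utf-8", errors="replace") as fh:
        for hit in shared_authorized_keys_paths(fh.read()):
            print(f"shared AuthorizedKeysFile: {hit}")
```

A non-empty result means the sshd configuration matches the condition in the advisory; whether the host was actually exposed still depends on the installed cloud-init version and on more than one unique key having been supplied.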

Solution

Update the affected package.

See Also

https://bugs.launchpad.net/cloud-init/+bug/1911680

http://www.nessus.org/u?b1f43f07

Plugin Details

Severity: High

ID: 145187

File Name: freebsd_pkg_8899298f5a9211eb85583085a9a47796.nasl

Version: 1.1

Type: local

Published: 1/20/2021

Updated: 1/20/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:cloud-init, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/19/2021

Vulnerability Publication Date: 1/14/2021