5 matches found
SUSE CVE-2016-1866
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...
CVE-2016-1866
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...
CVE-2016-1866
Salt 2015.8.x before 2015.8.4 is vulnerable due to improper handling of clear messages on the minion, enabling a man-in-the-middle to insert packets into the minion-master data stream and execute arbitrary code. A patch is available in Salt 2015.8.4 (and later) to fix this. The CVSS context from ...
openSUSE Security Update : salt (openSUSE-2016-318)
This update for salt fixes the following issues : - CVE-2016-1866: Improper handling of clear messages on the minion remote code execution boo965403 The following bugs were fixed : - boo958350: Salt crashes on invalid UTF-8 in package data - boo959572: 'salt '' pkg.infoinstalled' causes exception...
FreeBSD : salt -- code execution (0652005e-ca96-11e5-96d6-14dae9d210b8)
SaltStack reports : Improper handling of clear messages on the minion, which could result in executing commands not sent by the master. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...