7 matches found
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2017-14695 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2017-14695 Source advisory: OSV:GHSA-J6GJ-PG62-X8J6...
USN-4769-1: Salt vulnerabilities
It was discovered that Salt allowed remote attackers to write to arbitrary files via a special crafted file. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3563 Andreas Stieger discovered that Salt...
Photon OS 1.0: Salt PHSA-2018-1.0-0106
An update of the salt package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0106. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121806;...
CVE-2017-14695
CVE-2017-14695 is a SaltStack Salt directory traversal vulnerability in minion_id validation. It affects Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2, enabling remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. This iss...
openSUSE Security Update : salt (openSUSE-2017-1183)
Salt was updated to 2017.7.2 and also to fix various bugs and security issues. See the following resources for the full changelog: https://docs.saltstack.com/en/develop/topics/releases/2017.7.2.html https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html...
CVE-2017-14695
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an...
[ASA-201710-12] salt: multiple issues
Arch Linux Security Advisory ASA-201710-12 ========================================== Severity: Medium Date : 2017-10-09 CVE-ID : CVE-2017-14695 CVE-2017-14696 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-438 Summary ======= The package salt before...