49 matches found
Ubuntu: Security Advisory (USN-6849-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Salt vulnerabilities (USN-6849-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6849-1 advisory. It was discovered that Salt incorrectly validated method calls and sanitized paths. A remote attacker could possibly use this issue to access some method...
Exploit for Path Traversal in Saltstack Salt
CVE-2020-11652-CVE-2020-11652-POC This is a fix POC CVE-2020-...
openSUSE: Security Advisory for salt (openSUSE-SU-2021:2106-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for salt (openSUSE-SU-2021:0899-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:2106-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2105-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1150-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1151-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Path Traversal in Saltstack Salt
SaltStack-Exp CVE-2020-11651 CVE-2020-11652 Exec-Master:...
Ubuntu 16.04 LTS / 18.04 LTS : Salt vulnerabilities (USN-4459-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4459-1 advisory. It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract...
Ubuntu: Security Advisory (USN-4459-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VulnCheck KEV: CVE-2020-11652
SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability...
SUSE SLES15 Security Update : Salt (SUSE-SU-2020:1973-1)
This update fixes the following issues : salt : Fix for TypeError in Tornado importer bsc1174165 Require python3-distro only for TW bsc1173072 Various virt backports from 3000.2 Avoid traceback on debug logging for swarm module bsc1172075 Add publishbatch to ClearFuncs exposed methods Update to...
Security Advisory - Two Vulnerabilities in SaltStack Salt
An authentication bypass vulnerability was discovered in SaltStack Salt. An attacker may exploit the vulnerability to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions. Vulnerability ID: HWPSIRT-2020-05592 This vulnerability has been assigned a Common...
Debian: Security Advisory (DLA-2223-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2223-1] salt security update
Package : salt Version : 2014.1.13+ds-3+deb8u1 CVE ID : CVE-2020-11651 CVE-2020-11652 Debian Bug : 959684 Several vulnerabilities were discovered in package salt, a configuration management and infrastructure automation software. CVE-2020-11651 The salt-master process ClearFuncs class does not...
SUSE-SU-2020:1392-1 Security update for salt
This update for salt fixes the following issues: Security issues fixed: - CVE-2020-11651: Fixed the improper validation of method calls in salt-master, that could have allowed unauthenticated remote users to run arbitrary commands on salt minions bsc1170595. - CVE-2020-11652: Fixed an improper pa...
Photon OS 1.0: Salt PHSA-2020-1.0-0294
An update of the salt package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0294. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136694;...
Photon OS 3.0: Salt3 PHSA-2020-3.0-0091
An update of the salt3 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0091. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136699;...