Bug 1305460 - (CVE-2016-1866) CVE-2016-1866 salt: Improper handling of clear messages on the minion
CVE-2016-1866 salt: Improper handling of clear messages on the minion
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20160125,repor...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-08 05:19 EST by Adam Mariš
Modified: 2016-02-08 05:19 EST (History)
4 users (show)

See Also:
Fixed In Version: salt 2015.8.5, salt 2015.8.4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-08 05:19:39 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adam Mariš 2016-02-08 05:19:04 EST
An Improper handling of clear messages on the minion, which could result in executing commands not sent by the master was found. This issue affects only the 2015.8.x releases of Salt. In order for an attacker to use this attack vector, they would have to execute a successful attack on an existing TCP connection between minion and master on the pub port. It does not allow an external attacker to obtain the shared secret or decrypt any encrypted traffic between minion and master.

External Reference:

https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html

Note You need to log in before you can comment on or make changes to this bug.