Bug 1305460 (CVE-2016-1866) - CVE-2016-1866 salt: Improper handling of clear messages on the minion
Summary: CVE-2016-1866 salt: Improper handling of clear messages on the minion
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2016-1866
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20160125,repor...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-02-08 10:19 UTC by Adam Mariš
Modified: 2019-06-08 20:59 UTC (History)
4 users (show)

Fixed In Version: salt 2015.8.5, salt 2015.8.4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-02-08 10:19:39 UTC


Attachments (Terms of Use)

Description Adam Mariš 2016-02-08 10:19:04 UTC
An Improper handling of clear messages on the minion, which could result in executing commands not sent by the master was found. This issue affects only the 2015.8.x releases of Salt. In order for an attacker to use this attack vector, they would have to execute a successful attack on an existing TCP connection between minion and master on the pub port. It does not allow an external attacker to obtain the shared secret or decrypt any encrypted traffic between minion and master.

External Reference:

https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html


Note You need to log in before you can comment on or make changes to this bug.