Linux Security

    ArchLinux: 202005-1: salt: multiple issues

    Arch Linux Security Advisory ASA-202005-1
    =========================================
    
    Severity: Critical
    Date    : 2020-05-05
    CVE-ID  : CVE-2020-11651 CVE-2020-11652
    Package : salt
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1147
    
    Summary
    =======
    
    The package salt before version 2019.2.4-1 is vulnerable to multiple
    issues including arbitrary command execution and arbitrary filesystem
    access.
    
    Resolution
    ==========
    
    Upgrade to 2019.2.4-1.
    
    # pacman -Syu "salt>=2019.2.4-1"
    
    The problems have been fixed upstream in version 2019.2.4.
    
    Workaround
    ==========
    
    Do not expose salt-master to the internet.
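The workaround is a bind-address question: a salt-master that only listens on loopback (or on an address filtered from the internet) is not reachable by the unauthenticated remote user the Impact section describes. The script below is an added example, not part of the Arch advisory or of Salt. It parses `/proc/net/tcp` for sockets in the LISTEN state on Salt's default master ports (4505 for the publisher, 4506 for the request server; these are the stock `publish_port`/`ret_port` defaults and are an assumption here, adjust them if the master config overrides them) and reports any that are bound to a non-loopback address. The sample table is constructed, not captured from a real host, and is in the little-endian layout an x86 kernel prints.

```python
"""Report salt-master listeners reachable beyond loopback (added example)."""
import socket
import struct

SALT_MASTER_PORTS = {4505, 4506}   # assumed defaults: publish_port / ret_port
TCP_LISTEN = "0A"                   # socket-state code used by /proc/net/tcp

# Constructed /proc/net/tcp sample (not from a real host); addresses are in the
# host byte order of a little-endian machine, as the kernel prints them there.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1199 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 26781 1 0000000000000000 100 0 0 10 0
   1: 0100007F:119A 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 26782 1 0000000000000000 100 0 0 10 0
   2: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20111 1 0000000000000000 100 0 0 10 0
   3: 0100007F:119A 0100007F:C3A2 01 00000000:00000000 00:00000000 00000000     0        0 26790 1 0000000000000000 20 4 30 10 -1
"""


def decode_endpoint(field):
    """Turn 'HHHHHHHH:PPPP' from /proc/net/tcp into ('a.b.c.d', port).

    The kernel prints the 32-bit address in host byte order; "<I" matches the
    little-endian sample above (and x86 hosts). Use "=I" for the running host.
    """
    addr_hex, port_hex = field.split(":")
    packed = struct.pack("<I", int(addr_hex, 16))
    return socket.inet_ntoa(packed), int(port_hex, 16)


def exposed_salt_listeners(proc_net_tcp_text, ports=SALT_MASTER_PORTS):
    """Return [(ip, port)] for LISTEN sockets on Salt master ports that are
    bound to something other than a loopback address."""
    findings = []
    for line in proc_net_tcp_text.splitlines()[1:]:   # first line is the header
        fields = line.split()
        if len(fields) < 4:
            continue
        local_endpoint, state = fields[1], fields[3]
        if state != TCP_LISTEN:
            continue
        ip, port = decode_endpoint(local_endpoint)
        if port in ports and not ip.startswith("127."):
            findings.append((ip, port))
    return findings


def check_host(path="/proc/net/tcp"):
    """Run the check against the live table of this Linux host."""
    with open(path) as table:
        return exposed_salt_listeners(table.read())


if __name__ == "__main__":
    hits = exposed_salt_listeners(SAMPLE_PROC_NET_TCP)
    for ip, port in hits:
        print(f"salt-master port {port} listens on {ip}: reachable beyond this host")
    if not hits:
        print("no Salt master ports bound beyond loopback")
```

On the constructed sample only port 4505 on 0.0.0.0 is reported; 4506 is bound to 127.0.0.1 and is ignored, as are the non-Salt port 22 and the established connection. The check covers IPv4 only; a master bound on `::` shows up in `/proc/net/tcp6`, whose 128-bit address field needs a separate decoder. A hit here is a reason to firewall the ports or set `interface` in the master config, not a sign of compromise on its own.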
    
    Description
    ===========
    
    - CVE-2020-11651 (arbitrary command execution)
    
    An issue was discovered in SaltStack Salt before 2019.2.4 and 3000
    before 3000.2. The salt-master process ClearFuncs class does not
    properly validate method calls. This allows a remote user to access
    some methods without authentication. These methods can be used to
    retrieve user tokens from the salt master and/or run arbitrary commands
    on salt minions.
    
    - CVE-2020-11652 (arbitrary filesystem access)
    
    An issue was discovered in SaltStack Salt before 2019.2.4 and 3000
    before 3000.2. The salt-master process ClearFuncs class allows access
    to some methods that improperly sanitize paths. These methods allow
    arbitrary directory access to authenticated users.
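Both CVEs share the same affected ranges: every version before 2019.2.4, and the 3000 line before 3000.2. Because Salt moved from date-based versions (2019.2.x) to plain numbers (3000.x) in between, a naive string or tuple comparison gets the boundary wrong, so the helper below is an added example (not from the advisory or from Salt) that encodes exactly the two ranges stated above. It also strips the `-1` package-release suffix pacman prints (as in `2019.2.4-1`) before comparing; the function names are this example's own.

```python
"""Affected-version check for CVE-2020-11651 / CVE-2020-11652 (added example)."""

# Fixed versions named in the advisory, one per release line.
FIXED_IN = {
    "dated": (2019, 2, 4),   # YYYY.M.P release lines: fixed in 2019.2.4
    "3000": (3000, 2),       # 3000.x release line: fixed in 3000.2
}


def parse_salt_version(version):
    """'2019.2.4-1' -> (2019, 2, 4); '3000' -> (3000,).

    A '-<pkgrel>' suffix from the distribution package is dropped; anything
    non-numeric is rejected rather than silently compared.
    """
    upstream = version.split("-", 1)[0]
    parts = upstream.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric Salt version: {version!r}")
    return tuple(int(p) for p in parts)


def is_affected(version):
    """True if `version` lies in a range the advisory lists as vulnerable."""
    v = parse_salt_version(version)
    major = v[0]
    if major < 3000:                 # date-based lines (2019.2.x and older)
        return v < FIXED_IN["dated"]
    if major == 3000:                # the 3000 line, fixed at 3000.2
        return v < FIXED_IN["3000"]
    return False                     # later lines were released with the fix


if __name__ == "__main__":
    for candidate in ("2018.3.5", "2019.2.3", "2019.2.4-1", "3000", "3000.1", "3000.2"):
        status = "AFFECTED" if is_affected(candidate) else "fixed"
        print(f"{candidate:12} {status}")
```

Feed it the output of `pacman -Q salt` (second field) or `salt --version` to decide whether the upgrade in the Resolution section is still outstanding on a given host.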
    
    Impact
    ======
    
    A remote unauthenticated user can execute arbitrary commands and access
    files on the affected host.
    
    References
    ==========
    
    https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
    https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
    https://github.com/saltstack/salt/commit/a67d76b15615983d467ed81371b38b4a17e4f3b7
    https://github.com/saltstack/salt/commit/cce7abad9c22d9d50ccee2813acabff8deca35dd
    https://security.archlinux.org/CVE-2020-11651
    https://security.archlinux.org/CVE-2020-11652
    
