Lucene search
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.OPENSUSE-2016-318.NASLHistoryMar 10, 2016 - 12:00 a.m.
openSUSE Security Update : salt (openSUSE-2016-318)
2016-03-1000:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
13
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
This update for salt fixes the following issues :
- CVE-2016-1866: Improper handling of clear messages on the minion remote code execution (boo#965403)
The following bugs were fixed :
-
boo#958350: Salt crashes on invalid UTF-8 in package data
-
boo#959572: ‘salt ‘*’ pkg.info_installed’ causes exception on sles12sp1 client
-
boo#963322: salt-api cannot be stopped correctly
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-318.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(89814);
script_version("2.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-1866");
script_name(english:"openSUSE Security Update : salt (openSUSE-2016-318)");
script_summary(english:"Check for the openSUSE-2016-318 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update for salt fixes the following issues :
- CVE-2016-1866: Improper handling of clear messages on
the minion remote code execution (boo#965403)
The following bugs were fixed :
- boo#958350: Salt crashes on invalid UTF-8 in package
data
- boo#959572: 'salt '*' pkg.info_installed' causes
exception on sles12sp1 client
- boo#963322: salt-api cannot be stopped correctly"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=958350"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=959572"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963322"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=965403"
);
script_set_attribute(attribute:"solution", value:"Update the affected salt packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-bash-completion");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-cloud");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-fish-completion");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-master");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-minion");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-proxy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-raet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-ssh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-syndic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:salt-zsh-completion");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
script_set_attribute(attribute:"patch_publication_date", value:"2016/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE42.1", reference:"salt-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-api-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-bash-completion-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-cloud-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-fish-completion-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-master-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-minion-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-proxy-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-raet-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-ssh-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-syndic-2015.8.7-13.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"salt-zsh-completion-2015.8.7-13.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "salt / salt-api / salt-bash-completion / salt-cloud / etc");
}
Related
veracode
veracode
Remote Code Execution (RCE)
2017-02-14 07:39:00
github
github
Salt Improper Access Control
2022-05-14 02:11:54
cvelist
cvelist
CVE-2016-1866
2016-04-12 14:00:00
osv
osv
Salt Improper Access Control
2022-05-14 02:11:54
PYSEC-2016-23
2016-04-12 14:59:00
nvd
nvd
CVE-2016-1866
2016-04-12 14:59:09
prion
prion
Code injection
2016-04-12 14:59:00
freebsd
freebsd
salt -- code execution
2016-01-25 00:00:00
ubuntucve
ubuntucve
CVE-2016-1866
2016-04-12 00:00:00
nessus
nessus
FreeBSD : salt -- code execution (0652005e-ca96-11e5-96d6-14dae9d210b8)
2016-02-04 00:00:00
debiancve
debiancve
CVE-2016-1866
2016-04-12 14:59:09
cve
cve
CVE-2016-1866
2016-04-12 14:59:09
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
Related for OPENSUSE-2016-318.NASL