FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

salt -- Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master

Affected packages
py27-salt < 2016.11.7
2017.7.0 <= py27-salt < 2017.7.1
py32-salt < 2016.11.7
2017.7.0 <= py32-salt < 2017.7.1
py33-salt < 2016.11.7
2017.7.0 <= py33-salt < 2017.7.1
py34-salt < 2016.11.7
2017.7.0 <= py34-salt < 2017.7.1
py35-salt < 2016.11.7
2017.7.0 <= py35-salt < 2017.7.1
py36-salt < 2016.11.7
2017.7.0 <= py36-salt < 2017.7.1

Details

VuXML ID 3531141d-a708-477c-954a-2a0549e49ca9
Discovery 2017-08-16
Entry 2017-08-22

SaltStack reports:

Correct a flaw in minion id validation which could allow certain minions to authenticate to a master despite not having the correct credentials. To exploit the vulnerability, an attacker must create a salt-minion with an ID containing characters that will cause a directory traversal. Credit for discovering the security flaw goes to: Vernhk@qq.com
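
Added example (not part of SaltStack's report and not Salt's own code): one way a master-side check can refuse minion IDs that would resolve outside the key directory. It assumes keys are stored as files named after the minion ID under a single directory; PKI_DIR, is_safe_minion_id, screen_ids and the sample IDs are hypothetical and constructed for illustration.

```python
import os

# Assumption: accepted minion keys live as files named after the minion ID
# directly under this directory. The path is a constructed placeholder.
PKI_DIR = "/srv/example-pki/minions"


def is_safe_minion_id(minion_id, pki_dir=PKI_DIR):
    """Return True only if minion_id names a file directly inside pki_dir."""
    # Empty IDs and the special directory entries never name a key file.
    if not minion_id or minion_id in (".", ".."):
        return False
    # Reject path separators (POSIX and Windows) and NUL bytes outright.
    if any(ch in minion_id for ch in ("/", "\\", "\0")):
        return False
    # Defence in depth: resolve the final path and require that its parent
    # is exactly the key directory, so nothing escapes after normalisation.
    base = os.path.realpath(pki_dir)
    target = os.path.realpath(os.path.join(base, minion_id))
    return os.path.dirname(target) == base


def screen_ids(minion_ids, pki_dir=PKI_DIR):
    """Map each presented ID to True (acceptable) or False (reject)."""
    return {mid: is_safe_minion_id(mid, pki_dir) for mid in minion_ids}


# Constructed sample input: IDs as a master might receive them.
SAMPLE_IDS = [
    "web01.example.com",
    "node-7",
    "../master",
    "db/../../x",
    "..",
    "",
    "a\\b",
]

if __name__ == "__main__":
    for mid, ok in screen_ids(SAMPLE_IDS).items():
        print("%-20r %s" % (mid, "accept" if ok else "REJECT"))
```

Rejected IDs are worth logging together with the source address, since a legitimate minion has no reason to present one.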

References

CVE Name CVE-2017-12791
URL https://docs.saltstack.com/en/latest/topics/releases/2016.11.7.html
URL https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html