Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request for saltstack minion identity usurpation
From: Michael Scherer <misc () zarb org>
Date: Sat, 12 Oct 2013 00:26:09 +0200

Hi,

While looking for saltstack issues on github, i stumbled on this pull
request :
https://github.com/saltstack/salt/pull/7356

It seems that saltstack, a client/server configuration system ( like
puppet, chef, cfengine ) allowed to have any minions ( agent on the
server to be configured ) to masquerade itself as any others agents when
requesting stuff from the master ( ie, main server ).
While I didn't fully check, this would permit a compromised server to
request data from another server, thus leading to potential informations
leak ( like passwword, etc ).

Can a CVE be assigned, and I will pass it to upstream on the bug
report ?

-- 
Michael Scherer


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]