Showing 1 - 4 of 4

CVE-2021-3197

Status Candidate

Overview

An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

Related Files

Gentoo Linux Security Advisory 202310-22: Posted Oct 31, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202310-22 - Multiple vulnerabilities have been discovered in Salt, the worst of which could result in local privilege escalation. Versions greater than or equal to 3004.2 are affected.; tags | advisory, local, vulnerability; systems | linux, gentoo; advisories | CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-21996, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-31607, CVE-2021-3197, CVE-2022-22934, CVE-2022-22935; SHA-256 | 8d15c49b62885ce5a92b80cc9b7455a545b31835278e8e5f87d3866b3dd6e790; Download | Favorite | View

Debian Security Advisory 5011-1: Posted Nov 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5011-1 - Multiple security vulnerabilities have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server side template injection attacks, insufficient checks for eauth credentials, shell and command injections or incorrect validation of SSL certificates.; tags | advisory, remote, shell, local, vulnerability; systems | linux, debian; advisories | CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-21996, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-31607, CVE-2021-3197; SHA-256 | 7bb7fffca8de5352e1fd6dffa90e1381b4c3e9b7b95fb7359363d2650c0511f0; Download | Favorite | View

Microsoft Windows Filtering Platform Token Access Check Privilege Escalation: Posted Jun 23, 2021; Authored by James Forshaw, Google Security Research; The Windows Filtering Platform does not verify the token impersonation level when checking filters allowing the bypass of firewall rules leading to elevation of privilege.; tags | exploit; systems | windows; advisories | CVE-2021-31970; SHA-256 | d50c76fd05c506889a7df42cb2597789f0a3498e0efb4795bd03d621894da27f; Download | Favorite | View

Gentoo Linux Security Advisory 202103-01: Posted Mar 31, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202103-1 - Multiple vulnerabilities have been found in Salt, the worst of which could allow remote attacker to execute arbitrary commands. Versions less than 3000.8 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-3197; SHA-256 | 1fb0dacbd9c9195812a7ba36af666c1b8eadeff44eb24cd158f8df8aba52a654; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2021-3197

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems