OVAL Reference oval:org.opensuse.security:def:20178109

Oval Definition:

oval:org.opensuse.security:def:20178109

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2017-8109
Description:	The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-8109 SUSE-CU-2019:729-1 SUSE-CU-2019:731-1 SUSE-CU-2019:733-1 SUSE-SU-2017:1581-1 SUSE-SU-2017:1582-1 Mitre CVE-2017-8109 SUSE CVE-2017-8109 SUSE-CU-2019:729-1 SUSE-CU-2019:731-1 SUSE-CU-2019:733-1 SUSE-SU-2017:1581-1 SUSE-SU-2017:1582-1
Platform(s):	SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed AND Package Information salt-2016.11.4-42 is installed OR salt-doc-2016.11.4-42 is installed OR salt-minion-2016.11.4-42 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND salt-2016.11.4-45 is installed OR salt-api-2016.11.4-45 is installed OR salt-bash-completion-2016.11.4-45 is installed OR salt-cloud-2016.11.4-45 is installed OR salt-doc-2016.11.4-45 is installed OR salt-master-2016.11.4-45 is installed OR salt-minion-2016.11.4-45 is installed OR salt-proxy-2016.11.4-45 is installed OR salt-ssh-2016.11.4-45 is installed OR salt-syndic-2016.11.4-45 is installed OR salt-zsh-completion-2016.11.4-45 is installed OR Package Information SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND salt-2016.11.4-45 is installed OR salt-minion-2016.11.4-45 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS is installed AND Package Information salt-2016.11.4-42.2 is installed OR salt-doc-2016.11.4-42.2 is installed OR salt-minion-2016.11.4-42.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-45 is installed OR salt-api-2016.11.4-45 is installed OR salt-bash-completion-2016.11.4-45 is installed OR salt-cloud-2016.11.4-45 is installed OR salt-doc-2016.11.4-45 is installed OR salt-master-2016.11.4-45 is installed OR salt-minion-2016.11.4-45 is installed OR salt-proxy-2016.11.4-45 is installed OR salt-ssh-2016.11.4-45 is installed OR salt-syndic-2016.11.4-45 is installed OR salt-zsh-completion-2016.11.4-45 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS is installed AND Package Information salt-2016.11.4-42 is installed OR salt-doc-2016.11.4-42 is installed OR salt-minion-2016.11.4-42 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND salt-2016.11.4-45.2 is installed OR salt-api-2016.11.4-45.2 is installed OR salt-bash-completion-2016.11.4-45.2 is installed OR salt-cloud-2016.11.4-45.2 is installed OR salt-doc-2016.11.4-45.2 is installed OR salt-master-2016.11.4-45.2 is installed OR salt-minion-2016.11.4-45.2 is installed OR salt-proxy-2016.11.4-45.2 is installed OR salt-ssh-2016.11.4-45.2 is installed OR salt-syndic-2016.11.4-45.2 is installed OR salt-zsh-completion-2016.11.4-45.2 is installed OR Package Information SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND salt-2016.11.4-45.2 is installed OR salt-minion-2016.11.4-45.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 12 is installed OR SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed OR SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND Package Information salt-2016.11.4-45.2 is installed OR salt-api-2016.11.4-45.2 is installed OR salt-bash-completion-2016.11.4-45.2 is installed OR salt-cloud-2016.11.4-45.2 is installed OR salt-doc-2016.11.4-45.2 is installed OR salt-master-2016.11.4-45.2 is installed OR salt-minion-2016.11.4-45.2 is installed OR salt-proxy-2016.11.4-45.2 is installed OR salt-ssh-2016.11.4-45.2 is installed OR salt-syndic-2016.11.4-45.2 is installed OR salt-zsh-completion-2016.11.4-45.2 is installed

BACK