FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6d25c306-f3bb-11e5-92ce-002590263bf5	salt -- Insecure configuration of PAM external authentication service SaltStack reports: This issue affects all Salt versions prior to 2015.8.8/2015.5.10 when PAM external authentication is enabled. This issue involves passing an alternative PAM authentication service with a command that is sent to LocalClient, enabling the attacker to bypass the configured authentication service. Discovery 2016-03-17 Entry 2016-03-27 py27-salt py32-salt py33-salt py34-salt py35-salt < 2015.5.10 ge 2015.8.0 lt 2015.8.8 CVE-2016-3176 https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html

VuXML ID

Description

6d25c306-f3bb-11e5-92ce-002590263bf5

salt -- Insecure configuration of PAM external authentication service

SaltStack reports:

This issue affects all Salt versions prior to 2015.8.8/2015.5.10 when PAM external authentication is enabled. This issue involves passing an alternative PAM authentication service with a command that is sent to LocalClient, enabling the attacker to bypass the configured authentication service.

Discovery 2016-03-17
Entry 2016-03-27
py27-salt
py32-salt
py33-salt
py34-salt
py35-salt

< 2015.5.10

ge 2015.8.0 lt 2015.8.8

CVE-2016-3176
https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html