SB2019022302 - OpenSUSE Linux update for ansible

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019022302

SB2019022302 - OpenSUSE Linux update for ansible

Published: February 23, 2019 Updated: May 15, 2019

Security Bulletin ID SB2019022302
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2017-7466)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing responses, send by clients to Ansible server. A remote client can send a specially crafted response and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Improper input validation (CVE-ID: CVE-2017-7481)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing responses for lookup() calls. A remote client can can inject unicode strings which may then be parsed by the jinja2 templating system resulting in code execution.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Information disclosure (CVE-ID: CVE-2018-10855)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to improper honor of the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.

4) Privilege escalation (CVE-ID: CVE-2018-10875)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to the system loads inventory variables from the current working directory when running an ad-hoc command. A local attacker can modify the variables and execute arbitrary code from those paths with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Information disclosure (CVE-ID: CVE-2018-16859)

The vulnerability allows a local attacker with administrative privileges to obtain potentially sensitive information.

The vulnerability exists due to the plaintext exposure of “become” passwords when Ansible playbooks are executed on a Windows system with PowerShell scriptblock logging and module logging. A local attacker can discover the plaintext password that can be used to conduct further attacks.


6) Information disclosure (CVE-ID: CVE-2018-16876)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to the affected software does not honor the no_log flag for failed tasks with vvv+ mode enabled. A remote attacker can send a specially crafted request to a targeted system via a connection plug-in that is designed to trigger connection exceptions, which could cause task information to be logged and access sensitive information, which could be used to conduct further attacks.


Remediation

Install update from vendor's website.

References