SB2019062714 - OpenSUSE Linux update for ansible
Published: June 27, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2018-16837)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to Ansible "User" module exposes data passed as parameter to ssh-keygen. A local user with ability to view process list can obtain sensitive information.
2) Information disclosure (CVE-ID: CVE-2018-16859)
The vulnerability allows a local attacker with administrative privileges to obtain potentially sensitive information.
The vulnerability exists due to the plaintext exposure of “become” passwords when Ansible playbooks are executed on a Windows system with PowerShell scriptblock logging and module logging. A local attacker can discover the plaintext password that can be used to conduct further attacks.
3) Information disclosure (CVE-ID: CVE-2018-16876)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to the affected software does not honor the no_log flag for failed tasks with vvv+ mode enabled. A remote attacker can send a specially crafted request to a targeted system via a connection plug-in that is designed to trigger connection exceptions, which could cause task information to be logged and access sensitive information, which could be used to conduct further attacks.
4) Path traversal (CVE-ID: CVE-2019-3828)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and copy and overwrite files outside of the specified destination in the local ansible controller host.
Remediation
Install update from vendor's website.