Download
| Alert*
oval:org.secpod.oval:def:95625
The host is installed with SaltStack Salt before 3002.9 or 3003 before 3003.5 or 3004 before 3004.2 and is prone to an incorrect authorization vulnerability. A flaw exists exists within the application, which fails to properly handle the PAM auth. Successful exploitation allows a previously authoriz ... oval:org.secpod.oval:def:89047725 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM oval:org.secpod.oval:def:89046744 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could by used to bypass authentication when using PAM oval:org.secpod.oval:def:3300469 SUSE Security Update: Security update for salt oval:org.secpod.oval:def:89047413 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass PAM authentication oval:org.secpod.oval:def:89046420 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM oval:org.secpod.oval:def:89046727 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM |