সংকুচিত হচ্ছে কক্সবাজারের লবণ শিল্প | 1031482 | কালের কণ্ঠ kalerkantho.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from kalerkantho.com Daily Mail and Mail on Sunday newspapers.
Any user could become root, warns Immersive Labs researcher
Gareth Corfield Wed 3 Mar 2021 // 16:47 UTC Share
Copy
Proof of concept code has been published for a vulnerability in popular data centre security management tool Saltstack, which was discovered after a developer at Immersive Labs found a privilege escalation bug allowing any old user to become root.
SaltStack offers open-source, Python-based automation tools and was acquired by VMware in October last year.
Salt and pepper
Last year Salt patched two CVEs – CVE-2020-11651 and CVE-2020-11652 – after researchers from F-Secure spotted an authentication bypass and a directory traversal vuln, both of which were patched at the time. Famously, the combo exposed those with Salt installations to complete control by an attacker.
Anson Resources Ltd accelerates flagship Paradox project development in response to US Biden Administration s support for electric vehicles proactiveinvestors.com.au - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from proactiveinvestors.com.au Daily Mail and Mail on Sunday newspapers.