PT-2019-16649 · Suse · Squid+3
Luiz Angelo Daros De Luca · Published 2019-10-07 · Updated 2024-06-15 · CVE-2019-3688
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SUSE Linux Enterprise Server 15 versions prior to 4.8-5.8.1
SUSE Linux Enterprise Server 12 versions prior to 3.5.21-26.17.1
Description
The issue concerns the /usr/sbin/pinger binary packaged with squid, which was owned by squid:root with 0750 permissions. This allowed an attacker who had compromised the squid user to gain persistence by modifying the binary.
Recommendations
For SUSE Linux Enterprise Server 15 versions prior to 4.8-5.8.1, update to version 4.8-5.8.1 or later to resolve the issue.
For SUSE Linux Enterprise Server 12 versions prior to 3.5.21-26.17.1, update to version 3.5.21-26.17.1 or later to resolve the issue.
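A check for the condition described above, as an added example that is not part of the advisory or of SUSE's tooling: it flags a helper binary whose owner is not the trusted account, or that is writable by a non-root group or by everyone. The function name `audit_helper`, the default trusted owner `root`, and the reliance on GNU `stat` are assumptions.

```shell
#!/bin/sh
# Added example, not from the advisory. Assumes GNU stat (coreutils).
# audit_helper PATH [TRUSTED_OWNER]   (TRUSTED_OWNER defaults to root: an assumption)
# Prints findings; returns 0 = clean, 1 = findings, 2 = cannot stat.
audit_helper() {
    path=$1
    trusted=${2:-root}
    info=$(stat -c '%U %G %a' "$path" 2>/dev/null) || {
        echo "cannot stat: $path"
        return 2
    }
    set -- $info                 # owner, group, octal mode
    owner=$1 group=$2 mode=$3
    bits=$((0$mode))             # leading 0 makes the shell read it as octal
    rc=0
    # The owner can always chmod and rewrite the file, whatever the mode says,
    # so a service account as owner is a finding even at 0550.
    if [ "$owner" != "$trusted" ]; then
        echo "$path: owned by $owner, expected $trusted"
        rc=1
    fi
    if [ $((bits & 0020)) -ne 0 ] && [ "$group" != "root" ]; then
        echo "$path: writable by group $group (mode $mode)"
        rc=1
    fi
    if [ $((bits & 0002)) -ne 0 ]; then
        echo "$path: world-writable (mode $mode)"
        rc=1
    fi
    return $rc
}

# Stand-alone use: sh audit_helper.sh /usr/sbin/pinger
if [ "$#" -gt 0 ]; then
    audit_helper "$@"
fi
```

On a host still carrying the squid:root ownership described above, the first check reports the owner mismatch even though the 0750 mode looks restrictive.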
Fix
Incorrect Default Permissions
Weakness Enumeration
Related Identifiers
Affected Products
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Suse
Squid