Description
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Affected products
- SUSE / SUSE Linux Enterprise Server 12squid – 3.5.21-26.17.1
- SUSE / SUSE Linux Enterprise Server 15squid – 4.8-5.8.1
References
- MISChttps://bugzilla.suse.com/show_bug.cgi?id=1093414
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html