CVE-2019-18932

HIGH

Squid Analysis Report Generator <2.3.11 - Privilege Escalation


Description

log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations.

References (8)

https://bugzilla.suse.com/show_bug.cgi?id=1150554 (Issue Tracking, Third Party Advisory; x_refsource_misc)
https://sourceforge.net/projects/sarg/ (Third Party Advisory; x_refsource_misc)
http://www.openwall.com/lists/oss-security/2020/01/20/6 (Mailing List, Third Party Advisory; mailing-list, x_refsource_mlist)
https://seclists.org/oss-sec/2020/q1/23 (Mailing List, Third Party Advisory; mailing-list, x_refsource_mlist)
http://www.openwall.com/lists/oss-security/2020/01/27/1 (Mailing List, Third Party Advisory; mailing-list, x_refsource_mlist)
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00051.html (Mailing List, Third Party Advisory; vendor-advisory, x_refsource_suse)
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00063.html (Mailing List, Third Party Advisory; vendor-advisory, x_refsource_suse)
https://security.gentoo.org/glsa/202007-32 (Third Party Advisory; vendor-advisory, x_refsource_gentoo)

Scores

CVSS v3 7.0
EPSS 0.0004
EPSS Percentile 12.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362 (Race Condition), CWE-59 (Improper Link Resolution Before File Access, 'Link Following')
Status published
Products (3)
opensuse/backports_sle 15.0 sp1
opensuse/leap 15.1
squid_analysis_report_generator_project/squid_analysis_report_generator < 2.3.11
Published Jan 21, 2020
Tracked Since Feb 18, 2026