Rechercher Contactez-nous

Suivez-nous sur Twitter

En francais

English Language

Subscribe

Freely subscribe to our NEWSLETTER

Security Vulnerability

Vigil@nce - Squid Analysis Report Generator: file corruption via /tmp/sarg/denied.int_unsory

February 2020 by Vigil@nce

This bulletin was written by Vigil@nce : https://vigilance.fr/?langue=2

SYNTHESIS OF THE VULNERABILITY

Impacted products: openSUSE Leap, SLES.

Severity: 1/4.

Consequences: data creation/edition.

Provenance: user shell.

Confidence: confirmed by the editor (5/5).

Creation date: 28/01/2020.

DESCRIPTION OF THE VULNERABILITY

A local attacker can create a symbolic link named
/tmp/sarg/denied.int_unsory, in order to alter the pointed file,
with privileges of Squid Analysis Report Generator.

ACCESS TO THE FULL VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Squid-Analysis-Report-Generator-file-corruption-via-tmp-sarg-denied-int-unsory-31442

See previous articles

See next articles

Security Vulnerability

Toutes nos news en Francais

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts