CVE-2019-12522
published 2020-04-15CVE-2019-12522: An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is…
PriorityP422medium4.5CVSS 3.1
AVLACHPRLUINSUCLILAL
EPSS
0.34%
26.3th percentile
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | — | — |
| squid-cache | squid | <= 4.7 | — |
CVSS provenance
nvdv3.14.5MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
nvdv2.04.4MEDIUMAV:L/AC:M/Au:N/C:P/I:P/A:P
osv4.5MEDIUM
vendor_debian4.5LOW
vendor_redhat4.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rwjf-j42w-jfr4: An issue was discovered in Squid through 4
ghsa_unreviewed·2022-05-24
CVE-2019-12522 [HIGH] CWE-269 GHSA-rwjf-j42w-jfr4: An issue was discovered in Squid through 4
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
OSV
CVE-2019-12522: An issue was discovered in Squid through 4
osv·2020-04-15·CVSS 4.5
CVE-2019-12522 [MEDIUM] CVE-2019-12522: An issue was discovered in Squid through 4
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
Red Hat
squid: lack of UID assignment in child process spawning could lead to privileges escalation
vendor_redhat·2020-04-24·CVSS 4.5
CVE-2019-12522 [MEDIUM] CWE-266 squid: lack of UID assignment in child process spawning could lead to privileges escalation
squid: lack of UID assignment in child process spawning could lead to privileges escalation
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
A flaw was found in squid. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root. The highest threat from this vulnerab
Debian
CVE-2019-12522: squid - An issue was discovered in Squid through 4.7. When Squid is run as root, it spaw...
vendor_debian·2019·CVSS 4.5
CVE-2019-12522 [MEDIUM] CVE-2019-12522: squid - An issue was discovered in Squid through 4.7. When Squid is run as root, it spaw...
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
2020-04-15
Published