7 matches found
CVE-2019-18932
log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...
openSUSE Security Update : sarg (openSUSE-2020-117)
This update for sarg fixes the following issues : - CVE-2019-18932: Fixed insecure usage of /tmp/sarg which potentially allowed privilege escalation or denial of service boo1156643. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...
openSUSE: Security Advisory for sarg (openSUSE-SU-2020:0117_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0117-1 Security update for sarg
This update for sarg fixes the following issues: - CVE-2019-18932: Fixed insecure usage of /tmp/sarg which potentially allowed privilege escalation or denial of service boo1156643...
DEBIAN-CVE-2019-18932
log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...
CVE-2019-18932
log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...
CVE-2019-18932
CVE-2019-18932 affects the Squid Analysis Report Generator (sarg) up to version 2.3.11. The root cause is insecure handling of a fixed temporary directory (/tmp/sarg) used by sarg; as root, sarg creates or reuses this directory in an insecure way. An attacker can pre-create /tmp/sarg and place sy...