Lucene search
GoogleOSV:CVE-2019-12522HistoryApr 15, 2020 - 7:15 p.m.
CVE-2019-12522
2020-04-1519:15:12
Google
osv.dev
8
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
Related
debiancve
debiancve
CVE-2019-12522
2020-04-15 19:15:12
prion
prion
Default credentials
2020-04-15 19:15:00
ubuntucve
ubuntucve
CVE-2019-12522
2020-04-15 00:00:00
cvelist
cvelist
CVE-2019-12522
2020-04-15 19:00:01
nvd
nvd
CVE-2019-12522
2020-04-15 19:15:12
redhatcve
redhatcve
CVE-2019-12522
2020-04-24 09:33:48
openvas
openvas
Squid <= 4.14 Privilege Escalation Vulnerability
2020-04-14 00:00:00
cve
cve
CVE-2019-12522
2020-04-15 19:15:12
nessus
nessus
RHEL 7 : squid (Unpatched Vulnerability)
2024-07-12 00:00:00
RHEL 8 : squid (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : squid (Unpatched Vulnerability)
2024-05-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1976
2021-07-02 18:10:45