Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2019-3688 |
Description: | The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary |
Test IDs: | 1.3.6.1.4.1.25623.1.0.852781 1.3.6.1.4.1.25623.1.0.852805 1.3.6.1.4.1.25623.1.1.4.2019.2975.1 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-3688 SuSE Security Announcement: openSUSE-SU-2019:2540 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html SuSE Security Announcement: openSUSE-SU-2019:2541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html SuSE Security Announcement: openSUSE-SU-2019:2672 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html |