Vulnerability Name:

CVE-2019-18899 (CCN-174811)

Assigned:2019-11-12
Published:2020-01-20
Updated:2022-11-08
Summary:The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-269
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2019-18899

Source: SUSE
Type: Mailing List, Vendor Advisory
openSUSE-SU-2020:0124

Source: SUSE
Type: Mailing List, Vendor Advisory
openSUSE-SU-2020:0146

Source: CONFIRM
Type: Issue Tracking, Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1157703

Source: XF
Type: UNKNOWN
aptcacherng-cve201918899-priv-esc(174811)

Source: CCN
Type: oss-sec Mailing List, Mon, 20 Jan 2020 15:50:28 +0100
CVE-2019-18899: apt-cacher-ng: openSUSE packaging for apt-cacher-ng runs the daemon as root instead of as an unprivileged user

Source: CCN
Type: openSUSE Web site
openSUSE Leap

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apt-cacher-ng_project:apt-cacher-ng:*:*:*:*:*:*:*:* (Version < 3.1-lp151.3.3.1)
  • AND
  • cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:opensuse:opensuse_leap:15.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201918899
    V
    		CVE-2019-18899
    2021-10-24
    oval:org.opensuse.security:def:63438
    P
    		libsnmp30-32bit-5.7.3-8.24 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63098
    P
    		openldap2-2.4.46-9.51.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62819
    P
    		libvdpau-devel-1.1.1-1.28 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:64487
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:62618
    P
    		bluez-devel-5.48-11.58 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62619
    P
    		conky-1.11.5-1.20 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63300
    P
    		rsyslog-module-gssapi-8.39.0-2.90 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62642
    P
    		gvfs-1.42.2-4.24 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:64231
    P
    		cracklib on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74427
    P
    		Security update for openconnect (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63664
    P
    		Security update for git (Important)
    2020-12-01
    oval:org.opensuse.security:def:64333
    P
    		libidn2-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74553
    P
    		Security update for apt-cacher-ng (Important)
    2020-12-01
    oval:org.opensuse.security:def:63991
    P
    		Security update for gcc9 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64375
    P
    		libpython2_7-1_0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64125
    P
    		Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:100232
    P
    		 (Moderate)
    2020-10-06
    oval:org.opensuse.security:def:93519
    P
    		Security update for apt-cacher-ng (Important)
    2020-01-29
    oval:org.opensuse.security:def:110177
    P
    		Security update for apt-cacher-ng (Important)
    2020-01-29
    BACK
    apt-cacher-ng_project apt-cacher-ng *
    opensuse leap 15.1
    opensuse backports sle-15 sp1
    opensuse opensuse leap 15.0