main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a "kill `cat /run/tinyproxy/tinyproxy.pid`" command.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Tinyproxy Project
  • Tinyproxy

Configuration 1 [-]

cpe:2.3:a:tinyproxy_project:tinyproxy:*:*:*:*:*:*:*:*
References
Link Resource
https://github.com/tinyproxy/tinyproxy/issues/106 Issue Tracking Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00037.html
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-30T16:00:00

Updated: 2020-03-31T14:06:01

Reserved: 2017-07-30T00:00:00

Link: CVE-2017-11747

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2017-07-30T16:29:00.250

Modified: 2020-03-31T15:15:14.910

Link: CVE-2017-11747

JSON object: View

cve-icon Redhat Information

No data.

CWE