vendor:
VideoCache
by:
Anonymous
7.2
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: VideoCache
Affected Version From: 1.9.2002
Affected Version To: 1.9.2002
Patch Exists: NO
Related CWE: N/A
CPE: a:videocache:videocache:1.9.2
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
VideoCache 1.9.2 Privilege Escalation Vulnerability
VideoCache's 'vccleaner' utility is intended to be executed with root permissions periodically, to remove expired videos from the cache. Upon execution, it looks for old files under the cache directory /var/spool/videocache (writable by the Squid proxy user) and deletes them. An attacker with the privileges of the Squid proxy server can append semi-arbitrary data to arbitrary files with root privileges, upon the administrator's execution of the 'vccleaner' utility.
Mitigation:
Restrict access to the 'vccleaner' utility to only trusted users and ensure that the Squid proxy user does not have write access to the /var/spool/videocache directory.