Lucene search
HistoryJun 08, 2014 - 6:55 p.m.
CVE-2014-3986
lynis
security
cve-2014-3986
file overwrite
symlink attack
6.2 Medium
AI Score
Confidence
Low
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
Related
debiancve
debiancve
CVE-2014-3986
2014-06-08 18:55:00
prion
prion
Design/Logic Flaw
2014-06-08 18:55:00
ubuntucve
ubuntucve
CVE-2014-3986
2014-06-08 00:00:00
openvas
openvas
Fedora Update for lynis FEDORA-2014-7400
2014-06-23 00:00:00
nessus
nessus
Fedora 20 : lynis-1.5.6-1.fc20 (2014-7400)
2014-06-18 00:00:00
securityvulns
securityvulns
[oss-security] Re: CVE request: PHP configure script and Lynis tool /tmp/ issues reported on full disclosure
2014-06-17 00:00:00
PHP security vulnerabilities
2014-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: lynis-1.5.6-1.fc20
2014-06-17 23:32:18
6.2 Medium
AI Score
Confidence
Low
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2014-3986