Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides suggestions to improve the security defense of the system.
{"id": "FEDORA:B807E605E50D", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 24 Update: lynis-2.5.0-1.fc24", "description": "Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides suggestions to improve the security defense of the system. ", "published": "2017-05-27T02:53:26", "modified": "2017-05-27T02:53:26", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UJXMPYANXHI25NQZ36QMXNXANDRAA5YG/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2017-8108"], "immutableFields": [], "lastseen": "2020-12-21T08:17:54", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2017-847"]}, {"type": "archlinux", "idList": ["ASA-201705-20"]}, {"type": "cve", "idList": ["CVE-2017-8108"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8108"]}, {"type": "fedora", "idList": ["FEDORA:47B0A602EC16", "FEDORA:EC88E6048D3E"]}, {"type": "kitploit", "idList": ["KITPLOIT:8819491108895473634"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-847.NASL", "FEDORA_2017-8D625A8D2B.NASL", "FEDORA_2017-C3CE061EA7.NASL", "OPENSUSE-2017-705.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-8108"]}], "rev": 4}, "score": {"value": 4.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-847"]}, {"type": "archlinux", "idList": ["ASA-201705-20"]}, {"type": "cve", "idList": ["CVE-2017-8108"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8108"]}, {"type": "fedora", "idList": ["FEDORA:47B0A602EC16", "FEDORA:EC88E6048D3E"]}, {"type": "kitploit", "idList": ["KITPLOIT:8819491108895473634"]}, {"type": "nessus", "idList": ["FEDORA_2017-8D625A8D2B.NASL", "FEDORA_2017-C3CE061EA7.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-8108"]}]}, "exploitation": null, "vulnersScore": 4.6}, "_state": {"dependencies": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "24", "arch": "any", "packageName": "lynis", "packageVersion": "2.5.0", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"nessus": [{"lastseen": "2021-10-16T01:06:54", "description": "Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. (CVE-2017-8108)", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-23T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : lynis (ALAS-2017-847)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8108"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:lynis", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-847.NASL", "href": "https://www.tenable.com/plugins/nessus/101000", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-847.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101000);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2017-8108\");\n script_xref(name:\"ALAS\", value:\"2017-847\");\n\n script_name(english:\"Amazon Linux AMI : lynis (ALAS-2017-847)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Unspecified tests in Lynis before 2.5.0 allow local users to write to\narbitrary files or possibly gain privileges via a symlink attack on a\ntemporary file. (CVE-2017-8108)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-847.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update lynis' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:lynis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"lynis-2.5.0-1.6.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynis\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:36:41", "description": "Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "Fedora 24 : lynis (2017-c3ce061ea7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8108"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:lynis", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-C3CE061EA7.NASL", "href": "https://www.tenable.com/plugins/nessus/100495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-c3ce061ea7.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100495);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8108\");\n script_xref(name:\"FEDORA\", value:\"2017-c3ce061ea7\");\n\n script_name(english:\"Fedora 24 : lynis (2017-c3ce061ea7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-c3ce061ea7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://cisofy.com/security/cve/cve-2017-8108/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynis package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"lynis-2.5.0-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynis\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:55:50", "description": "Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : lynis (2017-50b9370529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8108"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:lynis", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-50B9370529.NASL", "href": "https://www.tenable.com/plugins/nessus/101631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-50b9370529.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101631);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_xref(name:\"FEDORA\", value:\"2017-50b9370529\");\n\n script_name(english:\"Fedora 26 : lynis (2017-50b9370529)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-50b9370529\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://cisofy.com/security/cve/cve-2017-8108/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynis package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"lynis-2.5.0-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynis\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:36:30", "description": "Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "Fedora 25 : lynis (2017-8d625a8d2b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8108"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:lynis", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-8D625A8D2B.NASL", "href": "https://www.tenable.com/plugins/nessus/100492", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8d625a8d2b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100492);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-8108\");\n script_xref(name:\"FEDORA\", value:\"2017-8d625a8d2b\");\n\n script_name(english:\"Fedora 25 : lynis (2017-8d625a8d2b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.5.0 / https://cisofy.com/security/cve/cve-2017-8108/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d625a8d2b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://cisofy.com/security/cve/cve-2017-8108/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynis package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"lynis-2.5.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynis\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:36:46", "description": "This update for lynis fixes the following issues :\n\nLynis 2.5.1 :\n\n - Improved detection of SSL certificate files\n\n - Minor changes to improve logging and results\n\n - Firewall tests: Determine if CSF is in testing mode\n\nThe Update also includes changes from Lynis 2.5.0 :\n\n - CVE-2017-8108: symlink attack may have allowed arbitrary file overwrite or privilege escalation (boo#1043463)\n\n - Deleted unused tests from database file\n\n - Additional sysctls are tested\n\n - Extended test with Symantec components\n\n - Snort detection\n\n - Snort configuration file\n\nThe update also includes Lynis 2.4.8 (Changelog from 2.4.1)\n\n - More PHP paths added\n\n - Minor changes to text\n\n - Show atomic test in report\n\n - Added FileInstalledByPackage function (dpkg and rpm supported)\n\n - Mark Arch Linux version as rolling release (instead of unknown)\n\n - Support for Manjaro Linux\n\n - Escape files when testing if they are readable\n\n - Code cleanups\n\n - Allow host alias to be specified in profile\n\n - Code readability enhancements\n\n - Solaris support has been improved\n\n - Fix for upload function to be used from profile\n\n - Reduce screen output for mail section, unless --verbose is used\n\n - Code cleanups and removed 'update release' command\n\n - Colored output can now be tuned with profile (colors=yes/no)\n\n - Allow data upload to be set as a profile option\n\n - Properly detect SSH daemon version\n\n - Generic code improvements\n\n - Improved the update check and display\n\n - Finish, Portuguese, and Turkish translation\n\n - Extended support and tests for DragonFlyBSD\n\n - Option to configure hostid and hostid2 in profile\n\n - Support for Trend Micro and Cylance (macOS)\n\n - Remove comments at end of nginx configuration\n\n - Used machine ID to create host ID when no SSH keys are available\n\n - Added detection of iptables-save to binaries\n\nAnd Lynis 2.4.0 \n\n - Mainly improved support for macOS users\n\n - Support for CoreOS\n\n - Support for clamconf utility\n\n - Support for chinese translation\n\n - More sysctl values in the default profile\n\n - New commands: 'upload-only', 'show hostids', 'show environment', 'show os'", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-19T00:00:00", "type": "nessus", "title": "openSUSE Security Update : lynis (openSUSE-2017-705)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8108"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:lynis", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-705.NASL", "href": "https://www.tenable.com/plugins/nessus/100863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-705.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100863);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-8108\");\n\n script_name(english:\"openSUSE Security Update : lynis (openSUSE-2017-705)\");\n script_summary(english:\"Check for the openSUSE-2017-705 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for lynis fixes the following issues :\n\nLynis 2.5.1 :\n\n - Improved detection of SSL certificate files\n\n - Minor changes to improve logging and results\n\n - Firewall tests: Determine if CSF is in testing mode\n\nThe Update also includes changes from Lynis 2.5.0 :\n\n - CVE-2017-8108: symlink attack may have allowed arbitrary\n file overwrite or privilege escalation (boo#1043463)\n\n - Deleted unused tests from database file\n\n - Additional sysctls are tested\n\n - Extended test with Symantec components\n\n - Snort detection\n\n - Snort configuration file\n\nThe update also includes Lynis 2.4.8 (Changelog from 2.4.1)\n\n - More PHP paths added\n\n - Minor changes to text\n\n - Show atomic test in report\n\n - Added FileInstalledByPackage function (dpkg and rpm\n supported)\n\n - Mark Arch Linux version as rolling release (instead of\n unknown)\n\n - Support for Manjaro Linux\n\n - Escape files when testing if they are readable\n\n - Code cleanups\n\n - Allow host alias to be specified in profile\n\n - Code readability enhancements\n\n - Solaris support has been improved\n\n - Fix for upload function to be used from profile\n\n - Reduce screen output for mail section, unless --verbose\n is used\n\n - Code cleanups and removed 'update release' command\n\n - Colored output can now be tuned with profile\n (colors=yes/no)\n\n - Allow data upload to be set as a profile option\n\n - Properly detect SSH daemon version\n\n - Generic code improvements\n\n - Improved the update check and display\n\n - Finish, Portuguese, and Turkish translation\n\n - Extended support and tests for DragonFlyBSD\n\n - Option to configure hostid and hostid2 in profile\n\n - Support for Trend Micro and Cylance (macOS)\n\n - Remove comments at end of nginx configuration\n\n - Used machine ID to create host ID when no SSH keys are\n available\n\n - Added detection of iptables-save to binaries\n\nAnd Lynis 2.4.0 \n\n - Mainly improved support for macOS users\n\n - Support for CoreOS\n\n - Support for clamconf utility\n\n - Support for chinese translation\n\n - More sysctl values in the default profile\n\n - New commands: 'upload-only', 'show hostids', 'show\n environment', 'show os'\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043463\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynis package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lynis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"lynis-2.5.1-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynis\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:09", "description": "Arch Linux Security Advisory ASA-201705-20\n==========================================\n\nSeverity: High\nDate : 2017-05-22\nCVE-ID : CVE-2017-8108\nPackage : lynis\nType : arbitrary file overwrite\nRemote : No\nLink : https://security.archlinux.org/AVG-278\n\nSummary\n=======\n\nThe package lynis before version 2.5.0-1 is vulnerable to arbitrary\nfile overwrite.\n\nResolution\n==========\n\nUpgrade to 2.5.0-1.\n\n# pacman -Syu \"lynis>=2.5.0-1\"\n\nThe problem has been fixed upstream in version 2.5.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nMichael Scherer discovered that some Lynis tests reuse the same\ntemporary file. As some tests remove the temporary file, this might\ngive an attacker the possibility to perform a link following attack.\nWhile timing must be perfect, there is a very small time window in\nwhich the attack can recreate the temporary file and symlink it to\nanother resource, like a file. In this case data may be overwritten, or\npossibly executed.\n\nImpact\n======\n\nA local unprivileged attacker is able to overwrite arbitrary files on\nthe filesystem possibly leading to privilege escalation.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/54067\nhttps://cisofy.com/security/cve/cve-2017-8108/\nhttps://security.archlinux.org/CVE-2017-8108", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-22T00:00:00", "type": "archlinux", "title": "[ASA-201705-20] lynis: arbitrary file overwrite", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-05-22T00:00:00", "id": "ASA-201705-20", "href": "https://security.archlinux.org/ASA-201705-20", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-02-15T07:34:58", "description": "Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-08T16:29:00", "type": "debiancve", "title": "CVE-2017-8108", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-06-08T16:29:00", "id": "DEBIANCVE:CVE-2017-8108", "href": "https://security-tracker.debian.org/tracker/CVE-2017-8108", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "kitploit": [{"lastseen": "2020-12-08T13:24:05", "description": "[  ](<https://4.bp.blogspot.com/-p2rdZ63sxRU/VbBxt5iYZuI/AAAAAAAAEac/8yjkIc_IDdU/s1600/lynis2.1.1.png>)\n\n \n\n\nWe are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. \n \nLynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners. \n\n \n\n\n** Supported operating systems **\n\n \n\n\nThe tool has almost no dependencies, therefore it runs on almost all Unix based systems and versions, including: \n\n * AIX \n * FreeBSD \n * HP-UX \n * Linux \n * Mac OS \n * NetBSD \n * OpenBSD \n * Solaris \n * and others \n\nIt even runs on systems like the Raspberry Pi and several storage devices! \n \n\n\n** Installation optional ** \n \nLynis is light-weight and easy to use. Installation is optional: just copy it to a system, and use \"./lynis audit system\" to start the security scan. It is written in shell script and released as open source software ( GPL ). \n\n \n\n\n** How it works **\n\n \n\n\nLynis performs hundreds of individual tests, to determine the security state of the system. The security scan itself consists of performing a set of steps, from initialization the program, up to the report. \n\n \n\n\n** Steps **\n\n 1. Determine operating system \n 2. Search for available tools and utilities \n 3. Check for Lynis update \n 4. Run tests from enabled plugins \n 5. Run security tests per category \n 6. Report status of security scan \n\nBesides the data displayed on screen, all technical details about the scan are stored in a log file. Any findings (warnings, suggestions, data collection) are stored in a report file. \n\n \n\n\n** Opportunistic scanning **\n\n \n\n\nLynis scanning is opportunistic: it uses what it can find. \n\nFor example if it sees you are running Apache, it will perform an initial round of Apache related tests. When during the Apache scan it also discovers a SSL/TLS configuration, it will perform additional auditing steps on that. While doing that, it then will collect discovered certificates, so they can be scanned later as well. \n\n \n\n\n** In-depth security scans **\n\n \n\n\nBy performing opportunistic scanning, the tool can run with almost no dependencies. The more it finds, the deeper the audit will be. In other words, Lynis will always perform scans which are customized to your system. No audit will be the same! \n\n \n\n\n** Use cases **\n\n \n\n\nSince Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include: \n\n * Security auditing \n * Compliance testing (e.g. PCI, HIPAA, SOx) \n * Vulnerability detection and scanning \n * System hardening \n\n \n\n\n** Resources used for testing **\n\n \n\n\nMany other tools use the same data files for performing tests. Since Lynis is not limited to a few common Linux distributions, it uses tests from standards and many custom ones not found in any other tool. \n\n * Best practices \n * CIS \n * NIST \n * NSA \n * OpenSCAP data \n * Vendor guides and recommendations (e.g. Debian Gentoo, Red Hat) \n\n \n\n\n** Lynis Plugins ** \n \nlugins enable the tool to perform additional tests. They can be seen as an extension (or add-on) to Lynis, enhancing its functionality. One example is the compliance checking plugin, which performs specific tests only applicable to some standard. \n \n** Changelog **\n\nUpgrade note \n\n \n \n During the development of this release, the project got informed about a flaw\n that possibly could be abused by a local attacker. Even with the small risk of\n success, upgrading is highly recommended. See details on\n [CVE-2017-8108](https://cisofy.com/security/cve/cve-2017-8108/)\n \n This release is a special maintenance release with focus on cleaning up the code\n for readability and future expansion.\n \n Changes:\n --------\n * Use ROOTDIR variable instead of fixed paths\n * Introduction of IsEmpty and HasData functions for readability of code\n * Renamed some variables to better indicate their purpose (counting, data type)\n * Removal of unused code and comments\n * Deleted unused tests from database file\n * Correct levels of identation\n * Support for older mac OS X versions (Lion and Mountain Lion)\n * Initialized variables for more binaries\n * Additional sysctls are tested\n \n Tests:\n ------\n * MALW-3280 - Extended test with Symantec components\n * PKGS-7332 - Detection of macOS ports tool and installed packages\n * TOOL-5120 - Snort detection\n * TOOL-5122 - Snort configuration file\n\n \n \n\n\n** [ Download Lynis 2.5.0 ](<https://cisofy.com/download/lynis/>) **\n *[\n GPL\n ]: GNU Public License\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-05T14:35:12", "type": "kitploit", "title": "Lynis 2.5.0 - Security Auditing Tool for Unix/Linux Systems", "bulletinFamily": "tools", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-05-05T14:35:12", "id": "KITPLOIT:8819491108895473634", "href": "http://www.kitploit.com/2017/05/lynis-250-security-auditing-tool-for.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:44:08", "description": "Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-08T16:29:00", "type": "cve", "title": "CVE-2017-8108", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2019-10-03T00:03:00", "cpe": [], "id": "CVE-2017-8108", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8108", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides suggestions to improve the security defense of the system. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-27T03:02:38", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: lynis-2.5.0-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-05-27T03:02:38", "id": "FEDORA:47B0A602EC16", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZJHLLWNW7NASVXCK24YBSIUQQPWGCMB5/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides suggestions to improve the security defense of the system. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-09T19:36:48", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: lynis-2.5.0-1.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-06-09T19:36:48", "id": "FEDORA:EC88E6048D3E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LO5RDSGNDQF2ROCX7TDUXX5CRJMRHMFF/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:27:03", "description": "**Issue Overview:**\n\nUnspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. (CVE-2017-8108)\n\n \n**Affected Packages:** \n\n\nlynis\n\n \n**Issue Correction:** \nRun _yum update lynis_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n \u00a0\u00a0\u00a0 lynis-2.5.0-1.6.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 lynis-2.5.0-1.6.amzn1.src \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-22T19:19:00", "type": "amazon", "title": "Medium: lynis", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-06-22T23:00:00", "id": "ALAS-2017-847", "href": "https://alas.aws.amazon.com/ALAS-2017-847.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:41:48", "description": "Unspecified tests in Lynis before 2.5.0 allow local users to write to\narbitrary files or possibly gain privileges via a symlink attack on a\ntemporary file.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | symlink hardening\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-08T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8108", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8108"], "modified": "2017-06-08T00:00:00", "id": "UB:CVE-2017-8108", "href": "https://ubuntu.com/security/CVE-2017-8108", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}
[SECURITY] Fedora 24 Update: lynis-2.5.0-1.fc24
