5 matches found
[oss-security] Re: CVE request: PHP configure script and Lynis tool /tmp/ issues reported on full disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 39 if "$OS" = "AIX" ; then 40 TMPFILE=/tmp/lynis.$$ We can make a CVE assignment corresponding to your disclosure of this lynis.$$ issue on oss-security. Use CVE-2014-3982. A CVE for this most likely won't or shouldn't have a...
CVE-2014-3982
include/testswebservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis. file...
CVE-2014-3982
include/testswebservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis. file...
CVE-2014-3982
CVE-2014-3982 affects Lynis on AIX prior to 1.5.5, where include/tests_webservers can be abused via a symlink attack to overwrite the file /tmp/lynis.*, enabling local privilege impact (I) with partial integrity and availability impacts; confidentiality remains unaffected. The issue is mitigated ...
CVE-2014-3982
include/testswebservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis. file...