9 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be use...
Amazon Linux AMI : lynis (ALAS-2020-1419)
The version of lynis installed on the remote host is prior to 3.0.0-1.17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1419 advisory. In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is...
Fedora: Security Advisory for lynis (FEDORA-2020-f251753b0f)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : lynis (2020-059e1591d6)
Update to 3.0.0 rhbz 1848716, Fixes CVE-2020-13882 / CVE-2019-13033 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 32 : lynis (2020-f251753b0f)
Update to 3.0.0 rhbz 1848716, fixes CVE-2020-13882 / CVE-2019-13033 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2019-13033
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload th...
CVE-2019-13033
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload th...
CVE-2019-13033
In the CISOfy Lynis family, CVE-2019-13033 affects Lynis 2.x up to 2.7.5, where the license key can be exposed by inspecting the process list during a data upload. The license can be used to upload data to a central Lynis server, potentially enabling insertion of data from additional scans, thoug...
Several issues in Lynis
lynis update: This release resolves two security issues CVE-2020-13882 - Discovered by Sander Bos, code submission by Katarina Durechova CVE-2019-13033 - Discovered by Sander Bos...