Lynis Auditing Tool 3.1.6

Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...

EUVD-2017-17071

Malware in sbrugna...

EUVD-2014-3919

Malware in sbrugna...

EUVD-2020-6090

Malware in sbrugna...

EUVD-2019-4601

Malware in sbrugna...

EUVD-2014-3915

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-13882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not...

Linux Distros Unpatched Vulnerability : CVE-2019-13033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be use...

OPENSUSE-SU-2024:11032-1 lynis-3.0.5-3.2 on GA media

These are all security issues fixed in the lynis-3.0.5-3.2 package on the GA media of openSUSE Tumbleweed...

Medium: lynis

Issue Overview: In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be...

SUSE CVE-2014-3986

include/testswebservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis..unsorted file with an easily determined name...

SUSE CVE-2017-8108

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file...

SUSE CVE-2019-13033

In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload th...

SUSE CVE-2020-13882

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and contro...

CVE-2020-13882

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and contro...

CVE-2019-13033

In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload th...

Red-Detector - Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.io

Scan your EC2 instance to find its vulnerabilities using Vuls https://vuls.io/en/. Audit your EC2 instance to find security misconfigurations using Lynis https://cisofy.com/solutions/lynis. Scan your EC2 instance for signs of a rootkit using Chkrootkit http://www.chkrootkit.org/. Requirements 1...

Amazon Linux AMI : lynis (ALAS-2020-1419)

The version of lynis installed on the remote host is prior to 3.0.0-1.17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1419 advisory. In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is...

Medium: lynis

Issue Overview: In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be...

Fedora: Security Advisory for lynis (FEDORA-2020-f251753b0f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...