CVE-2014-3982CVE-2014-3982

Affected configuration(s):

cpe:/a:cisofy:lynis:1.5.0::~~~aix~~
cpe:/a:cisofy:lynis:1.5.1::~~~aix~~
cpe:/a:cisofy:lynis:1.5.2::~~~aix~~
cpe:/a:cisofy:lynis:1.5.3::~~~aix~~
cpe:/a:cisofy:lynis:1.5.4::~~~aix~~

Date published: 2014-06-08T14:55:06.593-04:00

Date last modified: 2014-06-09T13:14:32.983-04:00

CVSS Score: 3.3

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://cisofy.com/files/lynis-1.5.5.tar.gz

Summary: include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.