1
Candidate: CVE-2014-3986
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3986
5
http://seclists.org/fulldisclosure/2014/Jun/21
6
http://openwall.com/lists/oss-security/2014/06/07/3
7
http://openwall.com/lists/oss-security/2014/06/06/12
8
http://openwall.com/lists/oss-security/2014/06/05/14
9
http://cisofy.com/files/lynis-1.5.5.tar.gz
11
include/tests_webservers in Lynis before 1.5.5 allows local users to
12
overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted
13
file with an easily determined name.
21
Tags_lynis: symlink-restriction hardlink-restriction
23
upstream_lynis: released (1.5.5)
24
lucid_lynis: ignored (reached end-of-life)
25
precise_lynis: ignored (reached end-of-life)
26
precise/esm_lynis: DNE (precise was needed)
27
saucy_lynis: ignored (reached end-of-life)
29
utopic_lynis: ignored (reached end-of-life)
30
vivid_lynis: ignored (reached end-of-life)
31
vivid/stable-phone-overlay_lynis: DNE
32
vivid/ubuntu-core_lynis: DNE
33
wily_lynis: ignored (reached end-of-life)
35
yakkety_lynis: ignored (reached end-of-life)
36
zesty_lynis: ignored (reached end-of-life)