include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-06-08T18:00:00
Updated: 2014-06-08T18:57:00
Reserved: 2014-06-06T00:00:00
Link: CVE-2014-3986
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-06-08T18:55:06.673
Modified: 2014-06-09T17:23:07.507
Link: CVE-2014-3986
JSON object: View
Redhat Information
No data.
CWE