Local File Overwrite Vulnerability in Lynis before 1.5.5 via Symlink Attack on /tmp/lynis.*.unsorted File

Local File Overwrite Vulnerability in Lynis before 1.5.5 via Symlink Attack on /tmp/lynis.*.unsorted File

CVE-2014-3986 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:P

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.

Learn more about our Web App Pen Testing.