CVE-2014-3986 - CERT CVE
ID CVE-2014-3986
Sažetak include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
Reference
CVSS
Base: 3.3
Impact: 4.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL PARTIAL
CVSS vektor AV:L/AC:M/Au:N/C:N/I:P/A:P
Zadnje važnije ažuriranje 09-06-2014 - 17:23
Objavljeno 08-06-2014 - 18:55