CVE-2014-3986

EPSS 0.04%

Published: 6/8/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2014-3986

Description

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.

Affected packages (1)

Debian/lynisfrom 0, < 1.5.5-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-3986