include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Lynis | Cisofy | * | 1.5.4 (including) |
Lynis | Cisofy | 1.5.0 (including) | 1.5.0 (including) |
Lynis | Cisofy | 1.5.1 (including) | 1.5.1 (including) |
Lynis | Cisofy | 1.5.2 (including) | 1.5.2 (including) |
Lynis | Cisofy | 1.5.3 (including) | 1.5.3 (including) |
Lynis | Ubuntu | artful | * |
Lynis | Ubuntu | lucid | * |
Lynis | Ubuntu | precise | * |
Lynis | Ubuntu | saucy | * |
Lynis | Ubuntu | trusty | * |
Lynis | Ubuntu | utopic | * |
Lynis | Ubuntu | vivid | * |
Lynis | Ubuntu | wily | * |
Lynis | Ubuntu | yakkety | * |
Lynis | Ubuntu | zesty | * |