Unrated severityNVD Advisory· Published Jun 8, 2014· Updated Jun 17, 2026
CVE-2014-3986
CVE-2014-3986
Description
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:cisofy:lynis:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:cisofy:lynis:*:*:*:*:*:*:*:*range: <=1.5.4
- cpe:2.3:a:cisofy:lynis:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisofy:lynis:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisofy:lynis:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisofy:lynis:1.5.3:*:*:*:*:*:*:*
- (no CPE)range: <1.5.5
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.