Unrated severityNVD Advisory· Published Dec 2, 2014· Updated Jun 17, 2026
CVE-2014-5284
CVE-2014-5284
Description
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- github.com/ossec/ossec-hids/releases/tag/2.8.1nvdPatchVendor Advisory
- packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.htmlnvdExploit
- www.exploit-db.com/exploits/35234nvdExploit
News mentions
0No linked articles in our index yet.