openSUSE Security Update : lynis (openSUSE-2017-705)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for lynis fixes the following issues :

Lynis 2.5.1 :

- Improved detection of SSL certificate files

- Minor changes to improve logging and results

- Firewall tests: Determine if CSF is in testing mode

The Update also includes changes from Lynis 2.5.0 :

- CVE-2017-8108: symlink attack may have allowed arbitrary
file overwrite or privilege escalation (boo#1043463)

- Deleted unused tests from database file

- Additional sysctls are tested

- Extended test with Symantec components

- Snort detection

- Snort configuration file

The update also includes Lynis 2.4.8 (Changelog from 2.4.1)

- More PHP paths added

- Minor changes to text

- Show atomic test in report

- Added FileInstalledByPackage function (dpkg and rpm
supported)

- Mark Arch Linux version as rolling release (instead of
unknown)

- Support for Manjaro Linux

- Escape files when testing if they are readable

- Code cleanups

- Allow host alias to be specified in profile

- Code readability enhancements

- Solaris support has been improved

- Fix for upload function to be used from profile

- Reduce screen output for mail section, unless --verbose
is used

- Code cleanups and removed 'update release' command

- Colored output can now be tuned with profile
(colors=yes/no)

- Allow data upload to be set as a profile option

- Properly detect SSH daemon version

- Generic code improvements

- Improved the update check and display

- Finish, Portuguese, and Turkish translation

- Extended support and tests for DragonFlyBSD

- Option to configure hostid and hostid2 in profile

- Support for Trend Micro and Cylance (macOS)

- Remove comments at end of nginx configuration

- Used machine ID to create host ID when no SSH keys are
available

- Added detection of iptables-save to binaries

And Lynis 2.4.0

- Mainly improved support for macOS users

- Support for CoreOS

- Support for clamconf utility

- Support for chinese translation

- More sysctl values in the default profile

- New commands: 'upload-only', 'show hostids', 'show
environment', 'show os'

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1043463

Solution :

Update the affected lynis package.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 100863 ()

Bugtraq ID:

CVE ID: CVE-2017-8108

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now