openSUSE Security Update : lynis (openSUSE-2017-705)

Medium Nessus Plugin ID 100863


The remote openSUSE host is missing a security update.


This update for lynis fixes the following issues :

Lynis 2.5.1 :

- Improved detection of SSL certificate files

- Minor changes to improve logging and results

- Firewall tests: Determine if CSF is in testing mode

The Update also includes changes from Lynis 2.5.0 :

- CVE-2017-8108: symlink attack may have allowed arbitrary file overwrite or privilege escalation (boo#1043463)

- Deleted unused tests from database file

- Additional sysctls are tested

- Extended test with Symantec components

- Snort detection

- Snort configuration file

The update also includes Lynis 2.4.8 (Changelog from 2.4.1)

- More PHP paths added

- Minor changes to text

- Show atomic test in report

- Added FileInstalledByPackage function (dpkg and rpm supported)

- Mark Arch Linux version as rolling release (instead of unknown)

- Support for Manjaro Linux

- Escape files when testing if they are readable

- Code cleanups

- Allow host alias to be specified in profile

- Code readability enhancements

- Solaris support has been improved

- Fix for upload function to be used from profile

- Reduce screen output for mail section, unless --verbose is used

- Code cleanups and removed 'update release' command

- Colored output can now be tuned with profile (colors=yes/no)

- Allow data upload to be set as a profile option

- Properly detect SSH daemon version

- Generic code improvements

- Improved the update check and display

- Finish, Portuguese, and Turkish translation

- Extended support and tests for DragonFlyBSD

- Option to configure hostid and hostid2 in profile

- Support for Trend Micro and Cylance (macOS)

- Remove comments at end of nginx configuration

- Used machine ID to create host ID when no SSH keys are available

- Added detection of iptables-save to binaries

And Lynis 2.4.0

- Mainly improved support for macOS users

- Support for CoreOS

- Support for clamconf utility

- Support for chinese translation

- More sysctl values in the default profile

- New commands: 'upload-only', 'show hostids', 'show environment', 'show os'


Update the affected lynis package.

See Also

Plugin Details

Severity: Medium

ID: 100863

File Name: openSUSE-2017-705.nasl

Version: $Revision: 3.2 $

Type: local

Agent: unix

Published: 2017/06/19

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:lynis, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2017/06/18

Reference Information

CVE: CVE-2017-8108