Detections
Analytics

openSUSE Security Update : lynis (openSUSE-2017-705)

high Nessus Plugin ID 100863

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for lynis fixes the following issues :

Lynis 2.5.1 :

 - Improved detection of SSL certificate files

 - Minor changes to improve logging and results

 - Firewall tests: Determine if CSF is in testing mode

The Update also includes changes from Lynis 2.5.0 :

 - CVE-2017-8108: symlink attack may have allowed arbitrary file overwrite or privilege escalation (boo#1043463)

 - Deleted unused tests from database file

 - Additional sysctls are tested

 - Extended test with Symantec components

 - Snort detection

 - Snort configuration file

The update also includes Lynis 2.4.8 (Changelog from 2.4.1)

 - More PHP paths added

 - Minor changes to text

 - Show atomic test in report

 - Added FileInstalledByPackage function (dpkg and rpm supported)

 - Mark Arch Linux version as rolling release (instead of unknown)

 - Support for Manjaro Linux

 - Escape files when testing if they are readable

 - Code cleanups

 - Allow host alias to be specified in profile

 - Code readability enhancements

 - Solaris support has been improved

 - Fix for upload function to be used from profile

 - Reduce screen output for mail section, unless --verbose is used

 - Code cleanups and removed 'update release' command

 - Colored output can now be tuned with profile (colors=yes/no)

 - Allow data upload to be set as a profile option

 - Properly detect SSH daemon version

 - Generic code improvements

 - Improved the update check and display

 - Finish, Portuguese, and Turkish translation

 - Extended support and tests for DragonFlyBSD

 - Option to configure hostid and hostid2 in profile

 - Support for Trend Micro and Cylance (macOS)

 - Remove comments at end of nginx configuration

 - Used machine ID to create host ID when no SSH keys are available

 - Added detection of iptables-save to binaries

And Lynis 2.4.0

- Mainly improved support for macOS users

 - Support for CoreOS

 - Support for clamconf utility

 - Support for chinese translation

 - More sysctl values in the default profile

 - New commands: 'upload-only', 'show hostids', 'show environment', 'show os'

Solution

Update the affected lynis package.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1043463

Plugin Details

Severity: High

ID: 100863

File Name: openSUSE-2017-705.nasl

Version: 3.4

Type: local

Agent: unix

Published: 6/19/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:lynis, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 6/18/2017

Reference Information

CVE: CVE-2017-8108