Lucene search
Redhat.comRH:CVE-2020-13882HistoryMay 20, 2022 - 11:52 p.m.
CVE-2020-13882
2022-05-2023:52:18
redhat.com
access.redhat.com
3
0.0004 Low
EPSS
Percentile
15.7%
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and control that up to the point where the specific routine is doing its check. After that, the file can be removed, recreated, and used for additional attacks.
Related
cve
cve
CVE-2020-13882
2020-06-18 18:15:10
prion
prion
Race condition
2020-06-18 18:15:00
debiancve
debiancve
CVE-2020-13882
2020-06-18 18:15:10
nvd
nvd
CVE-2020-13882
2020-06-18 18:15:10
ubuntucve
ubuntucve
CVE-2020-13882
2020-06-18 00:00:00
osv
osv
CVE-2020-13882
2020-06-18 18:15:10
cvelist
cvelist
CVE-2020-13882
2020-06-18 17:35:35
kitploit
kitploit
Lynis 3.0.0 - Security Auditing Tool for Unix/Linux Systems
2020-06-22 12:30:00
nessus
nessus
Fedora 32 : lynis (2020-f251753b0f)
2020-07-01 00:00:00
FreeBSD : Several issues in Lynis (f28476f7-b166-11ea-8775-507b9d01076a)
2020-06-22 00:00:00
Fedora 31 : lynis (2020-059e1591d6)
2020-07-01 00:00:00
openvas
openvas
Fedora: Security Advisory for lynis (FEDORA-2020-f251753b0f)
2020-07-03 00:00:00
Fedora: Security Advisory for lynis (FEDORA-2020-059e1591d6)
2020-07-03 00:00:00
freebsd
freebsd
Several issues in Lynis
2020-06-18 00:00:00
amazon
amazon
Medium: lynis
2020-08-26 23:09:00
fedora
fedora
[SECURITY] Fedora 31 Update: lynis-3.0.0-1.fc31
2020-07-01 01:37:41
[SECURITY] Fedora 32 Update: lynis-3.0.0-1.fc32
2020-07-01 01:51:20