OVAL Reference oval:org.opensuse.security:def:20093897

Oval Definition:

oval:org.opensuse.security:def:20093897

Revision Date:	2015-11-16	Version:	1
Title:	CVE-2009-3897
Description:	Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2009-3897
Platform(s):	openSUSE 11.2	Product(s):
Definition Synopsis
suse112 is installed AND Package Information dovecot12-backend-mysql less than 1.2.9-0.1.1 OR dovecot12-backend-pgsql less than 1.2.9-0.1.1 OR dovecot12-backend-sqlite less than 1.2.9-0.1.1 OR dovecot12-devel less than 1.2.9-0.1.1 OR dovecot12-fts-lucene less than 1.2.9-0.1.1 OR dovecot12 less than 1.2.9-0.1.1