Oval Definition:oval:org.opensuse.security:def:20094411
Revision Date:2022-05-20Version:1
Title:CVE-2009-4411
Description:

The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-4411
Mitre CVE-2009-4411
SUSE CVE-2009-4411
SUSE-SR:2010:002
SUSE-SR:2010:002
Platform(s):openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • acl-2.2.47-30.5 is installed
  • OR libacl-2.2.47-30.5 is installed
  • OR libacl-32bit-2.2.47-30.5 is installed
  • OR libacl-x86-2.2.47-30.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • acl-2.2.47-30.5.1 is installed
  • OR libacl-2.2.47-30.5.1 is installed
  • OR libacl-32bit-2.2.47-30.5.1 is installed
  • OR libacl-x86-2.2.47-30.5.1 is installed
    • BACK