OVAL Reference oval:org.opensuse.security:def:20133709

Oval Definition:

oval:org.opensuse.security:def:20133709

Revision Date:	2017-03-01	Version:	1
Title:	CVE-2013-3709
Description:	WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-3709
Platform(s):	openSUSE 12.2 Update openSUSE 12.3 Update openSUSE 13.1	Product(s):
Definition Synopsis
openSUSE 13.1 is installed AND Package Information webyast-base-0.3.45.1-2.4.1 is installed OR webyast-base-branding-default-0.3.45.1-2.4.1 is installed OR webyast-base-testsuite-0.3.45.1-2.4.1 is installed