diff options
| author | Wesley Shields <wxs@FreeBSD.org> | 2009-12-10 15:27:42 +0000 |
|---|---|---|
| committer | Wesley Shields <wxs@FreeBSD.org> | 2009-12-10 15:27:42 +0000 |
| commit | ea8549354e9442e5772a8d0b8d8abffd4d3ad619 (patch) | |
| tree | 20b8f3d1318948a20b4b53aab7ada0e833dfcbf8 | |
| parent | e83d3a1db80ed270db2d09864cd41389ac6b01cb (diff) | |
| download | ports-ea8549354e9442e5772a8d0b8d8abffd4d3ad619.tar.gz ports-ea8549354e9442e5772a8d0b8d8abffd4d3ad619.zip | |
Notes
| -rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 9545f35a2c6d..5d3c0815793e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -35,6 +35,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="30211c45-e52a-11de-b5cd-00e0815b8da8"> + <topic>dovecot -- Insecure directory permissions</topic> + <affects> + <package> + <name>dovecot</name> + <range><lt>1.2.8</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Dovecot author reports:</p> + <blockquote cite="http://www.dovecot.org/list/dovecot-news/2009-November/000143.html"> + <p>Dovecot v1.2.x had been creating base_dir (and its parents if + necessary) with 0777 permissions. The base_dir's permissions get + changed to 0755 automatically at startup, but you may need to + chmod the parent directories manually.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2009-3897</cvename> + <bid>37084</bid> + <url>http://secunia.com/advisories/37443</url> + </references> + <dates> + <discovery>2009-11-20</discovery> + <entry>2009-12-10</entry> + </dates> + </vuln> + <vuln vid="3c1a672e-e508-11de-9f4a-001b2134ef46"> <topic>linux-flashplugin -- multiple vulnerabilities</topic> <affects> |