CVE-2009-3897
First published: Tue Nov 24 2009(Updated: )
Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dovecot | >=1.2.0<1.2.8 | |
| Dovecot | =1.2.0 | |
| Dovecot | =1.2.1 | |
| Dovecot | =1.2.2 | |
| Dovecot | =1.2.3 | |
| Dovecot | =1.2.4 | |
| Dovecot | =1.2.5 | |
| Dovecot | =1.2.6 | |
| Dovecot | =1.2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/37443
- http://marc.info/?l=oss-security&m=125900271508796&w=2
- http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
- http://www.vupen.com/english/advisories/2009/3306
- http://marc.info/?l=oss-security&m=125900267208712&w=2
- http://www.securityfocus.com/bid/37084
- http://marc.info/?l=oss-security&m=125881481222441&w=2
- http://marc.info/?l=oss-security&m=125871729029145&w=2
- http://www.osvdb.org/60316
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:306
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54363
Frequently Asked Questions
What is the severity of CVE-2009-3897?
CVE-2009-3897 is considered to be of medium severity due to the potential for unauthorized access to user accounts.
How do I fix CVE-2009-3897?
To mitigate CVE-2009-3897, upgrade Dovecot to version 1.2.8 or later which resolves the permission issues.
Who is affected by CVE-2009-3897?
CVE-2009-3897 affects Dovecot versions from 1.2.0 up to, but not including 1.2.8.
What type of vulnerability is CVE-2009-3897?
CVE-2009-3897 is a local privilege escalation vulnerability related to incorrect directory permissions during installation.
Can CVE-2009-3897 be exploited remotely?
CVE-2009-3897 cannot be exploited remotely as it requires local access to the affected system.
- agent/references
- agent/type
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-historical
- vendor/dovecot
- canonical/dovecot
- version/dovecot/1.2.0
- version/dovecot/1.2.1
- version/dovecot/1.2.2
- version/dovecot/1.2.3
- version/dovecot/1.2.4
- version/dovecot/1.2.5
- version/dovecot/1.2.6
- version/dovecot/1.2.7