This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Dovecot created the configured 'base_dir' (/var/run/dovecot) with mode
0777 if it didn't exist, therefore allowing local users to mess with
e.g. the authentication socket (CVE-2009-3897).
Note that /var/run/dovecot is part of the dovecot rpm with proper
permission settings. Therefor dovecot is not vulnerable in the default
configuration as shipped on openSUSE.
See also :
Update the affected dovecot12 packages.
Risk factor :
Medium / CVSS Base Score : 4.6