CVE-2009-2482

2009-07-1616:00:00

mitre

www.cve.org

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc

osvdb.org/55284

secunia.com/advisories/35553

www.securityfocus.com/bid/35465

www.securitytracker.com/id?1022432

exchange.xforce.ibmcloud.com/vulnerabilities/51312