Vulnerability Details CVE-2009-2482
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 22.2%
CVSS Severity
CVSS v2 Score 6.9
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc
- http://osvdb.org/55284
- http://secunia.com/advisories/35553
- http://www.securityfocus.com/bid/35465
- http://www.securitytracker.com/id?1022432
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51312
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc
- http://osvdb.org/55284
- http://secunia.com/advisories/35553
- http://www.securityfocus.com/bid/35465
- http://www.securitytracker.com/id?1022432
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51312