PT-2006-2299 · FreeBSD · FreeBSD

Published: 2006-03-23 · Updated: 2017-07-20 · CVE-2006-1283

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FreeBSD versions 4.10-RELEASE-p22 through 6.1-STABLE before 20060322

Description

The issue allows local users to configure OPIE access to the root account and potentially gain root privileges. This could be possible if a root shell is permitted by the configuration of the wheel group or sshd. opiepasswd uses the getlogin function to determine the invoking user account.

Recommendations

For FreeBSD versions 4.10-RELEASE-p22 through 6.1-STABLE before 20060322, consider restricting access to opiepasswd to prevent local users from configuring OPIE access to the root account until a fix is applied. As a temporary workaround, review and restrict the configuration of the wheel group and sshd to minimize the risk of exploitation.


Related Identifiers

CVE-2006-1283

Affected Products

FreeBSD