PT-2009-4889 · Openpam+1 · Openam+1
Publicado
2009-07-16
·
Atualizado
2017-08-17
·
CVE-2009-2482
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
NetBSD versions 4.0 through 4.0.1
NetBSD versions 5.0 through 5.0.0
Description
The issue allows local users to change the current root password if it is already known, even when they are not in the wheel group, due to a problem in the pam unix module in OpenPAM.
Recommendations
For NetBSD versions 4.0 through 4.0.1, update to version 4.0.2 or later.
For NetBSD versions 5.0 through 5.0.0, update to version 5.0.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Netbsd
Openam