CVE-2009-2482

Sažetak

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.

Reference

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc
http://osvdb.org/55284
http://secunia.com/advisories/35553
http://www.securityfocus.com/bid/35465
http://www.securitytracker.com/id?1022432
https://exchange.xforce.ibmcloud.com/vulnerabilities/51312

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-08-2017 - 01:30

Objavljeno

16-07-2009 - 16:30