CVE-2009-2482

EPSS 0.05%
Published 16.07.2009 16:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Netbsd ≫ Netbsd Version4.0

Netbsd ≫ Netbsd Version4.0 Updatebeta

Netbsd ≫ Netbsd Version4.0 Updatebeta2

Netbsd ≫ Netbsd Version4.0.1

Netbsd ≫ Netbsd Version4.1

Netbsd ≫ Netbsd Version5.0

Netbsd ≫ Netbsd Version5.0 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.128

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc

http://osvdb.org/55284

http://secunia.com/advisories/35553

Vendor Advisory

http://www.securityfocus.com/bid/35465

http://www.securitytracker.com/id?1022432

https://exchange.xforce.ibmcloud.com/vulnerabilities/51312

https://nvd.nist.gov/vuln/detail/CVE-2009-2482

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-2482

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-2482

EUVD