CVE-2009-2482

EPSS 0.05%
Veröffentlicht 16.07.2009 16:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netbsd ≫ Netbsd Version4.0

Netbsd ≫ Netbsd Version4.0 Updatebeta

Netbsd ≫ Netbsd Version4.0 Updatebeta2

Netbsd ≫ Netbsd Version4.0.1

Netbsd ≫ Netbsd Version4.1

Netbsd ≫ Netbsd Version5.0

Netbsd ≫ Netbsd Version5.0 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.128

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc

http://osvdb.org/55284

http://secunia.com/advisories/35553

Vendor Advisory

http://www.securityfocus.com/bid/35465

http://www.securitytracker.com/id?1022432

https://exchange.xforce.ibmcloud.com/vulnerabilities/51312

https://nvd.nist.gov/vuln/detail/CVE-2009-2482

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-2482

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-2482

EUVD