CVEブラウザに戻る

CVE-2005-0002

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0870%

EPSS Percentile44.85th

Published2005年5月2日

Last Modified2026年4月16日

Vulnerability Description

poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.

Affected Platforms (CPE)

📦

Gentoo

Poppassd Pam

<= 1.0

References & Advisories

🔗 http://secunia.com/advisories/13865

🔗 http://security.gentoo.org/glsa/glsa-200501-22.xml

🔗 http://securitytracker.com/id?1012840

🔗 http://secunia.com/advisories/13865

🔗 http://security.gentoo.org/glsa/glsa-200501-22.xml

🔗 http://securitytracker.com/id?1012840

関連する脆弱性情報

CVE-2005-063610.0

Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execut...

CVE-2005-103710.0

Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.

CVE-2005-473010.0

Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact and attack vectors, related to "problematic seeding" of the...

CVE-2005-089210.0

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL ...