Lucene search
MitreCVE-2005-0002HistoryMay 02, 2005 - 4:00 a.m.
CVE-2005-0002
2005-05-0204:00:00
mitre
web.nvd.nist.gov
31
poppassd_pam
password change
remote attackers
security vulnerability
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.01
Percentile
83.7%
poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.
Affected configurations
Node
gentoopoppassd_pamRange≤1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gentoo | poppassd_pam | * | cpe:2.3:a:gentoo:poppassd_pam:*:*:*:*:*:*:*:* |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200501-22 (poppassd_pam)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-22 (poppassd_pam)
2008-09-24 00:00:00
securityvulns
securityvulns
[ GLSA 200501-22 ] poppassd_pam: Unauthorized password changing
2005-01-13 00:00:00
nessus
nessus
GLSA-200501-22 : poppassd_pam: Unauthorized password changing
2005-02-14 00:00:00
cvelist
cvelist
CVE-2005-0002
2005-01-19 05:00:00
nvd
nvd
CVE-2005-0002
2005-05-02 04:00:00
gentoo
gentoo
poppassd_pam: Unauthorized password changing
2005-01-11 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.01
Percentile
83.7%
Related for CVE-2005-0002