CVE-2005-0002 Information

Description

poppassd_pam 1.0 and earlier when changing a user password does not verify that the user entered the old password correctly which allows remote attackers to change passwords for arbitrary users.

Reference

http://secunia.com/advisories/13865 http://security.gentoo.org/glsa/glsa-200501-22.xml http://securitytracker.com/id?1012840