CVE-2009-2482 Information

Description

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known even when they are not in the wheel group.

Reference

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc http://osvdb.org/55284 http://secunia.com/advisories/35553 http://www.securityfocus.com/bid/35465 http://www.securitytracker.com/id?1022432 https://exchange.xforce.ibmcloud.com/vulnerabilities/51312