CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-0002

poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://secunia.com/advisories/13865
http://security.gentoo.org/glsa/glsa-200501-22.xml
http://securitytracker.com/id?1012840
http://secunia.com/advisories/13865
http://security.gentoo.org/glsa/glsa-200501-22.xml
http://securitytracker.com/id?1012840

Products affected by CVE-2005-0002

Gentoo » Poppassd Pam » Version: N/A

cpe:2.3:a:gentoo:poppassd_pam:-
Gentoo » Poppassd Pam » Version: 1.0

cpe:2.3:a:gentoo:poppassd_pam:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0002

Products

Pricing

Contact Us