VYPR
Unrated severityNVD Advisory· Published Jul 16, 2009· Updated Jun 16, 2026

CVE-2009-2482

CVE-2009-2482

Description

The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.

Affected products

8
  • NetBSD/NetBSD8 versions
    cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:netbsd:netbsd:5.0:rc3:*:*:*:*:*:*
    • (no CPE)range: <4.0.2, <5.0.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.