Unrated severityNVD Advisory· Published Jul 16, 2009· Updated Jun 16, 2026
CVE-2009-2482
CVE-2009-2482
Description
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
Affected products
8cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:netbsd:netbsd:5.0:rc3:*:*:*:*:*:*
- (no CPE)range: <4.0.2, <5.0.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.