Back to search
CVE-2006-1283
Published: Mar 23, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
bsd-opie-unauthorized-privileges(25397)
vdb-entry
x_refsource_XF
1015817
vdb-entry
x_refsource_SECTRACK
17194
vdb-entry
x_refsource_BID
19347
third-party-advisory
x_refsource_SECUNIA
24067
vdb-entry
x_refsource_OSVDB
ADV-2006-1074
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now