Users login

Create an account »

JOIN XATRIX

Users login

Home » CVE Vulnerabilities » CVE-2006-1283

CVE-2006-1283 opiepasswd in One-Time Passwords in Everything

  • CVE ID: CVE-2006-1283
  • Vendors:
  • Date: November 30, -0001
  • Severity: Low
  • Impact score: 0.00
  • Exploit score: 0.00

opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root pribileges if a root shell is permitted by the configuration of the wheel group or sshd.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »