|
|
CVE Reference: CVE-2006-1283 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1283 |
|
|
Description: opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root pribileges if a root shell is permitted by the configuration of the wheel group or sshd. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25397 ST 1015817 SAID Secunia Advisory: SA19347 OSVDB 24067 FREEBSD BID 17194 |
|
| Return to the previous page. |
