 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2006-1283 |
| Description: | opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.56455 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-1283 BugTraq ID: 17194 http://www.securityfocus.com/bid/17194 FreeBSD Security Advisory: FreeBSD-SA-06:12 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:12.opie.asc http://www.osvdb.org/24067 http://securitytracker.com/id?1015817 http://secunia.com/advisories/19347 http://www.vupen.com/english/advisories/2006/1074 XForce ISS Database: bsd-opie-unauthorized-privileges(25397) https://exchange.xforce.ibmcloud.com/vulnerabilities/25397 |