A poppassd_pam security update is available for Gentoo Linux
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: poppassd_pam: Unauthorized password changing
Date: January 11, 2005
Bugs: #75820
ID: 200501-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
poppassd_pam allows anyone to change any user's password without authenticating the user first.
Background
=========
poppassd_pam is a PAM-enabled server for changing system passwords that can be used to change POP server passwords.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
net-mail/poppassd_ceti = 1.8.4
net-mail/poppassd_pam
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: poppassd_pam: Unauthorized password changing
Date: January 11, 2005
Bugs: #75820
ID: 200501-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
poppassd_pam allows anyone to change any user's password without authenticating the user first.
Background
=========
poppassd_pam is a PAM-enabled server for changing system passwords that can be used to change POP server passwords.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
net-mail/poppassd_ceti = 1.8.4
net-mail/poppassd_pam
