Insecure Password Change Vulnerability in poppassd_pam 1.0 and Earlier

Insecure Password Change Vulnerability in poppassd_pam 1.0 and Earlier

CVE-2005-0002 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.

Learn more about our User Device Pen Test.