Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OPIE任意账户口令更改漏洞
Vulnerability Description
在FreeBSD 4.10-RELEASE-p22至6.1-STABLE 20060322之前版本的Everything (OPIE),其One-Time Passwords中的opiepasswd采用getlogin函数去判定激活用户账户,本地用户可配置OPIE访问根目录账户和可能取得根目录特权,如果根目录shell通过wheel和sshd配置被允许的话。
CVSS Information
N/A
Vulnerability Type
N/A