CVE-2005-0002

Summary

poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.