CVE-2005-0002 - Coarser Subroutine
Description
poppassd_pam 1.0 and earlier when changing a user password does not verify that the user entered the old password correctly which allows remote attackers to change passwords for arbitrary users.
Reference
http://security.gentoo.org/glsa/glsa-200501-22.xml http://securitytracker.com/id?1012840 http://secunia.com/advisories/13865