If your system is using PAM for its authentication, check out the Authen::PAM module, which includes code for changing the current user's password in its documentation. This is a very, very dangerous thing to be doing with CGI, though (as has been mentioned).

In addition, if you're prepared to run your CGI as root (or, better, if you're farming off the 'change' to another script that runs as root), which is a whole other can of worms, you might be able to make use of Unix::PasswdFile or Passwd::Linux.