Chetcpasswd
by Chetcpasswd
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6679 | Hig | 0.49 | 7.5 | 0.02 | Dec 21, 2006 | Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header. | ||
| CVE-2002-2219 | 0.03 | — | 0.06 | Dec 31, 2002 | chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field. | |||
| CVE-2006-6681 | 0.00 | — | 0.01 | Dec 21, 2006 | Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack. | |||
| CVE-2006-6682 | 0.00 | — | 0.02 | Dec 21, 2006 | Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system. | |||
| CVE-2006-6683 | 0.00 | — | 0.01 | Dec 21, 2006 | Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM. | |||
| CVE-2006-6685 | 0.00 | — | 0.00 | Dec 21, 2006 | Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details… | |||
| CVE-2006-6680 | 0.00 | — | 0.00 | Dec 21, 2006 | Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file. | |||
| CVE-2006-6684 | 0.00 | — | 0.03 | Dec 21, 2006 | Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the… | |||
| CVE-2006-6639 | 0.00 | — | 0.00 | Dec 19, 2006 | Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line. | |||
| CVE-2002-2221 | 0.00 | — | 0.00 | Dec 31, 2002 | Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | |||
| CVE-2002-2220 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. |
- risk 0.49cvss 7.5epss 0.02
Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header.
- CVE-2002-2219Dec 31, 2002risk 0.03cvss —epss 0.06
chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field.
- CVE-2006-6681Dec 21, 2006risk 0.00cvss —epss 0.01
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack.
- CVE-2006-6682Dec 21, 2006risk 0.00cvss —epss 0.02
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system.
- CVE-2006-6683Dec 21, 2006risk 0.00cvss —epss 0.01
Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.
- CVE-2006-6685Dec 21, 2006risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details…
- CVE-2006-6680Dec 21, 2006risk 0.00cvss —epss 0.00
Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file.
- CVE-2006-6684Dec 21, 2006risk 0.00cvss —epss 0.03
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the…
- CVE-2006-6639Dec 19, 2006risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line.
- CVE-2002-2221Dec 31, 2002risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
- CVE-2002-2220Dec 31, 2002risk 0.00cvss —epss 0.00
Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.