Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro lineu orso chetcpasswd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6683
Pedro Lineu Orso chetcpasswd 2.4.1 and previous versions verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote malicious users to bypass intended restrictions implemented through PAM.
Pedro Lineu Orso Chetcpasswd
Pedro Lineu Orso Chetcpasswd 2.1
Pedro Lineu Orso Chetcpasswd 2.3.1
Pedro Lineu Orso Chetcpasswd 2.3.3
Pedro Lineu Orso Chetcpasswd 1.12
Pedro Lineu Orso Chetcpasswd 2.2.1
NA
CVE-2006-6684
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd prior to 2.4 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; ...
Pedro Lineu Orso Chetcpasswd 2.3.1
Pedro Lineu Orso Chetcpasswd
NA
CVE-2006-6685
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details a...
Pedro Lineu Orso Chetcpasswd 2.3.3
NA
CVE-2002-2221
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and previous versions allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
Chetcpasswd Chetcpasswd 2.3.1
Chetcpasswd Chetcpasswd 2.3.3
Chetcpasswd Chetcpasswd 2.4.1
NA
CVE-2002-2220
Buffer overflow in Pedro Lineu Orso chetcpasswd prior to 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.
Chetcpasswd Chetcpasswd 1.12
NA
CVE-2002-2219
chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd prior to 2.1 allows remote malicious users to read the last line of the shadow file via a long user (userid) field.
Chetcpasswd Chetcpasswd 2.1
1 EDB exploit
NA
CVE-2006-6681
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote malicious users to determine passwords via a dictionary attack.
Chetcpasswd Chetcpasswd 2.3.3
NA
CVE-2006-6680
Pedro Lineu Orso chetcpasswd prior to 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file.
Chetcpasswd Chetcpasswd 2.2.1
7.5
CVSSv3
CVE-2006-6679
Pedro Lineu Orso chetcpasswd prior to 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote malicious users to gain unauthorized access by spoofing this header.
Chetcpasswd Project Chetcpasswd
NA
CVE-2006-6682
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote malicious users to determine valid usernames on the system.
Chetcpasswd Project Chetcpasswd 2.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started