7.8
CVE-2006-6683
- EPSS 1.32%
- Veröffentlicht 21.12.2006 19:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginPedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pedro Lineu Orso ≫ Chetcpasswd Version <= 2.4.1
Pedro Lineu Orso ≫ Chetcpasswd Version1.12
Pedro Lineu Orso ≫ Chetcpasswd Version2.1
Pedro Lineu Orso ≫ Chetcpasswd Version2.2.1
Pedro Lineu Orso ≫ Chetcpasswd Version2.3.1
Pedro Lineu Orso ≫ Chetcpasswd Version2.3.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.32% | 0.671 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:C/I:N/A:N
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454
http://www.securityfocus.com/bid/21102