CVE Vulnerabilities

CVE-2006-6683

Published: Dec 21, 2006 | Modified: Nov 13, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.

Affected Software

Name Vendor Start Version End Version
Chetcpasswd Pedro_lineu_orso 2.2.1 2.2.1
Chetcpasswd Pedro_lineu_orso 2.3.1 2.3.1
Chetcpasswd Pedro_lineu_orso 2.3.3 2.3.3
Chetcpasswd Pedro_lineu_orso * 2.4.1
Chetcpasswd Pedro_lineu_orso 2.1 2.1
Chetcpasswd Pedro_lineu_orso 1.12 1.12

References