CVE-2006-6684

2006-12-2119:00:00

mitre

www.cve.org

buffer overflow

chetcpasswd

remote code execution

denial of service

x-forwarded-for

http header

AI Score

8.1

Confidence

High

EPSS

0.046

Percentile

92.7%

JSON

Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454

secunia.com/advisories/22967

www.osvdb.org/30546