Lucene search
HistoryDec 21, 2006 - 7:28 p.m.
CVE-2006-6683
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
66.3%
Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.
Affected configurations
Node
pedro_lineu_orsochetcpasswdRange≤2.4.1
ORpedro_lineu_orsochetcpasswdMatch1.12
ORpedro_lineu_orsochetcpasswdMatch2.1
ORpedro_lineu_orsochetcpasswdMatch2.2.1
ORpedro_lineu_orsochetcpasswdMatch2.3.1
ORpedro_lineu_orsochetcpasswdMatch2.3.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pedro_lineu_orso | chetcpasswd | * | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:*:*:*:*:*:*:*:* |
| pedro_lineu_orso | chetcpasswd | 1.12 | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:1.12:*:*:*:*:*:*:* |
| pedro_lineu_orso | chetcpasswd | 2.1 | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.1:*:*:*:*:*:*:* |
| pedro_lineu_orso | chetcpasswd | 2.2.1 | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.2.1:*:*:*:*:*:*:* |
| pedro_lineu_orso | chetcpasswd | 2.3.1 | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.3.1:*:*:*:*:*:*:* |
| pedro_lineu_orso | chetcpasswd | 2.3.3 | cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.3.3:*:*:*:*:*:*:* |
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
66.3%
Related for NVD:CVE-2006-6683