CVE-2006-6679
The issue affects chetcpasswd prior to version 2.4, where ACL checks rely on the X-Forwarded-For header. This header spoofing allows remote attackers to gain unauthorized access. Root cause: authentication/authorization logic trusts X-Forwarded-For for client status in IP ACLs. Documented impact:...