MidnightBSD

Advisories for chetcpasswd

CVE-2002-2219 HIGH

chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
chetcpasswd chetcpasswd 2.1
CVE-2002-2220 MEDIUM

Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
chetcpasswd chetcpasswd 1.12
CVE-2002-2221 MEDIUM

Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
chetcpasswd chetcpasswd 2.3.3
chetcpasswd chetcpasswd 2.3.1
chetcpasswd chetcpasswd 2.4.1