chetcpasswd 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve バッファオーバーフロー and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2006-6681 | Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack. | [email protected] | 7.5 | 1.40% | 2006-12-21 | 2026-06-16 |
| CVE-2006-6680 | Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file. | [email protected] | 4.6 | 0.29% | 2006-12-21 | 2026-06-16 |
| CVE-2006-6639 | Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line. | [email protected] | 4.6 | 0.28% | 2006-12-19 | 2026-06-16 |
| CVE-2002-2221 | Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | [email protected] | 6.2 | 0.27% | 2002-12-31 | 2026-06-16 |
| CVE-2002-2220 | Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | [email protected] | 6.2 | 0.25% | 2002-12-31 | 2026-06-16 |
| CVE-2002-2219 | chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field. | [email protected] | 7.5 | 6.04% | 2002-12-31 | 2026-06-16 |