Vulnerability Details CVE-2006-6684
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.6%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2006-6684
-
cpe:2.3:a:pedro_lineu_orso:chetcpasswd:1.12
-
cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.1
-
cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.2.1
-
cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.3.1
-
cpe:2.3:a:pedro_lineu_orso:chetcpasswd:2.3.3