Vulnerability CVE-2006-6639


Published: 2006-12-19   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Chetcpasswd -> Chetcpasswd 

 References:
http://www.securityfocus.com/bid/21644
http://secunia.com/advisories/23024

Copyright 2024, cxsecurity.com

 

Back to Top