CVE-2006-6683 Information

Description

Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration which might allow remote attackers to bypass intended restrictions implemented through PAM.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454 http://www.securityfocus.com/bid/21102