CVE-2006-6684 Information

Description

Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454 http://secunia.com/advisories/22967 http://www.osvdb.org/30546