CVE-2015-0885 Information

Description

checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a – (dash dash) in a username.

Reference

http://checkpw.sourceforge.net/checkpw/changes.txt http://jvn.jp/en/jp/JVN34790526/995575/index.html http://jvn.jp/en/jp/JVN34790526/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000032 http://www.debian.org/security/2015/dsa-3192