CVE-2006-6679

EPSS 1.61% · P82 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-6679

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Pedro Lineu Orso chetcpasswd X-Forwarded-For HTTP报头欺骗未授权访问漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Pedro Lineu Orso chetcpasswd的2.4之前版本依赖X-Forwarded-For HTTP报头来验证客户端在IP地址ACL上的状态，远程攻击者可以通过欺骗报头来获取未授权访问。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-6679

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-6679

Please Login to view more intelligence information

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454x_refsource_MISC
http://sourceforge.net/project/shownotes.php?group_id=68912&release_id=466649x_refsource_CONFIRM
http://secunia.com/advisories/22967third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/21102vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/30451vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=116371297325564&w=2mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-6679

Same Patch Batch · n/a · 2006-12-21 · 29 CVEs total

CVE-2006-6680		Pedro Lineu Orso chetcpasswd 'chetcpasswd.allow'敏感信息泄露漏洞
CVE-2006-6678		Netrik Textarea 'form-file.c' 任意命令执行漏洞
CVE-2006-6677		NOD32 Anti-Virus .CHM文件计算错误漏洞
CVE-2006-6676		NOD32 Anti-Virus多个文件解析安全漏洞
CVE-2006-6675		Novell NetWare Welcome Web-App未明跨站脚本攻击漏洞
CVE-2006-6674		Ozeki HTTP-SMS Gateway密码信息泄露漏洞
CVE-2006-6673		WinFtp Server 长命令拒绝服务攻击
CVE-2006-6672		Burak Yylmaz Download Portal SQL注入漏洞
CVE-2006-6671		Burak Yilmaz Download Portal 'Down.ASP' SQL注入漏洞
CVE-2006-6685		Pedro Lineu Orso chetcpasswd 栈缓冲区溢出漏洞
CVE-2006-6684		Pedro Lineu Orso chetcpasswd HTTP报头缓冲区错误漏洞
CVE-2006-6683		Chetcpasswd '/etc/shadow' 安全绕过漏洞
CVE-2006-6682		Pedro Lineu Orso chetcpasswd 无效用户名请求安全信息泄露漏洞
CVE-2006-6681		Pedro Lineu Orso chetcpasswd 密码暴力破解漏洞
CVE-2006-6686		TextSend 'Sender.PHP'远程文件包含漏洞
CVE-2006-6104		Mono XSP mod_mono模块目录遍历和源码信息泄露漏洞
CVE-2002-2221		Chetcpasswd本地特权提升漏洞
CVE-2002-2220		Pedro Lineu Orso chetcpasswd缓冲区溢出漏洞
CVE-2002-2219		Chpasswd可远程访问敏感文件漏洞
CVE-2006-6695		Carsen Klock TextSend 'index.php'多个跨站脚本攻击漏洞

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-6679

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-6679

I. Basic Information for CVE-2006-6679

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-6679

III. Intelligence Information for CVE-2006-6679

Same Patch Batch · n/a · 2006-12-21 · 29 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-6679

Leave a comment