virus logo Intrusion Prevention

CGI.CHETCPASSWD.Shadow.File.Disclosure

description-logoDescription

This indicates a malicious attacker tried to gain information through a vulnerability in chetcpasswd.cgi. If a malicious user sends an overly long URI string to chetcpasswd.cgi it is possible that the tail end of the local shadow file may be exposed.

affected-products-logoAffected Products

CHETCPASSWD 1.12

Impact logoImpact

Information Leakage.

recomended-action-logoRecommended Actions

Upgrade to CHETCPASSWD 1.12.1 or later.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 10825
Created Aug 23, 2005
Updated Aug 29, 2022
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action pass
Active
Affected OS Linux
Affected App CGI_app