Chetcpasswd 2.x: multiple vulnerabilities
>From Debian.org:
"chetpasswd uses the HTTP_X_FORWARDED_FOR for authentication purposes(...).
Obviously, HTTP_X_FORWARDED_FOR is not a trusted variable, and can be spoofed
by any scriptkiddie who can read the man page of wget (...).
Furthermore, this cgi script doesn't seem to implement any rate limiting for
the passwd checks, thereby allowing for a dictionary attack via http. Also,
it seems to give different a error message if the user is not found then if the
entered password is wrong, thereby exposing the names of user accounts to
external attackers (...)."
The original message and others are available at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394454