Checkpw · Checkpw · CVE-2015-0885
**Name of the Vulnerable Software and Affected Versions**
checkpw versions 1.02 and earlier
**Description**
The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by including a `--` (dash dash) in a `username`.
**Recommendations**
For checkpw versions 1.02 and earlier, as a temporary workaround, consider restricting the use of the `username` parameter to prevent the inclusion of `--` (dash dash) until a patch is available.