CVE-2006-6682

Name of the Vulnerable Software and Affected Versions: chetcpasswd version 2.3.3

Description: The issue allows remote attackers to determine valid usernames on the system by providing different error messages for requests with valid and invalid usernames.

Recommendations: For chetcpasswd version 2.3.3, consider modifying the error handling mechanism to provide generic error messages for both valid and invalid username requests, thereby preventing attackers from determining valid usernames. At the moment, there is no information about a newer version that contains a fix for this vulnerability.