Vulnerabilites related to fail2ban - fail2ban
Vulnerability from fkie_nvd
Published
2007-08-14 00:17
Modified
2024-11-21 00:35
Severity ?
Summary
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5B134790-909B-4CD8-A5AE-E9B2B1CCFFF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302."
},
{
"lang": "es",
"value": "fail2ban 0.8 y anteriores no analizan sint\u00e1cticamente de forma correcta los ficheros de log, lo cual permite a atacantes remotos a\u00f1adir hosts de su elecci\u00f3n al fichero /etc/hosts.deny y provocar una denegaci\u00f3n de servicio a\u00f1adiendo direcciones IP al fichero de log de ssh, como ha sido demostrado iniciando sesi\u00f3n v\u00eda ssh con una identificaci\u00f3n de versi\u00f3n del protocolo del cliente que contiene una cadena de direcci\u00f3n IP, un vector diferente que CVE-2006-6302."
}
],
"id": "CVE-2007-4321",
"lastModified": "2024-11-21T00:35:18.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-14T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=181214"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42484"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23237"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28374"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200707-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1456"
},
{
"source": "cve@mitre.org",
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=181214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200707-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-31 11:50
Modified
2024-11-21 01:45
Severity ?
Summary
server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | 0.1.0 | |
| fail2ban | fail2ban | 0.1.1 | |
| fail2ban | fail2ban | 0.1.2 | |
| fail2ban | fail2ban | 0.3.0 | |
| fail2ban | fail2ban | 0.3.1 | |
| fail2ban | fail2ban | 0.4.0 | |
| fail2ban | fail2ban | 0.4.1 | |
| fail2ban | fail2ban | 0.5.0 | |
| fail2ban | fail2ban | 0.5.1 | |
| fail2ban | fail2ban | 0.5.2 | |
| fail2ban | fail2ban | 0.5.3 | |
| fail2ban | fail2ban | 0.5.4 | |
| fail2ban | fail2ban | 0.5.5 | |
| fail2ban | fail2ban | 0.6.0 | |
| fail2ban | fail2ban | 0.6.1 | |
| fail2ban | fail2ban | 0.7.0 | |
| fail2ban | fail2ban | 0.7.1 | |
| fail2ban | fail2ban | 0.7.2 | |
| fail2ban | fail2ban | 0.7.3 | |
| fail2ban | fail2ban | 0.7.4 | |
| fail2ban | fail2ban | 0.7.5 | |
| fail2ban | fail2ban | 0.7.6 | |
| fail2ban | fail2ban | 0.7.7 | |
| fail2ban | fail2ban | 0.7.8 | |
| fail2ban | fail2ban | 0.7.9 | |
| fail2ban | fail2ban | 0.8.0 | |
| fail2ban | fail2ban | 0.8.1 | |
| fail2ban | fail2ban | 0.8.2 | |
| fail2ban | fail2ban | 0.8.3 | |
| fail2ban | fail2ban | 0.8.4 | |
| fail2ban | fail2ban | 0.8.5 | |
| fail2ban | fail2ban | 0.8.6 | |
| fail2ban | fail2ban | 0.8.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43813F24-CB93-46D7-8F91-6D436FB04564",
"versionEndIncluding": "0.8.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7750E527-5A05-4716-BF4A-B40EA9E34394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9C7EF4-DA9B-4ADF-A044-2AC8A2FC270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFD263-E347-43DD-80A6-D222FCEF23D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A0FEBA-647F-41F4-8590-7E8C7A49A36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40BBF7B9-57DB-4479-B2C3-8EB466185E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7847766-CF03-4BF1-BE69-09C50AEC3DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E004A754-3CCB-409D-B13A-DF735ED63971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9F5C0-7E85-40AC-A7AA-7442749E48D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2331299E-1834-4853-B38B-9E24A364EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B27B6-418F-4101-A4A1-6E887BF0BB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C2141-12A6-428A-9223-A0CA743BC020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0468228-10A0-4F72-BE85-D50ED3AA10B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E5BBF-3755-4DC8-840F-2466BB2B280D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "880958EA-3BE3-4F16-B323-3CA878BEB3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79FF61-80D6-4AB8-BC6F-6924AF9A0969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAD83B-AACD-4BCE-8900-8558C6F82D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "719BA249-7B47-488E-86BA-C08286FF8772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A88DA08A-A1C6-4BC1-9BC1-BE823207BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD346590-84C5-473E-9672-2E920C71B7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F288E708-A212-4007-A32A-3608C56C5F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7EEF2A-DC72-4F51-B168-237EFA637988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D366BB8-A4FB-44CC-94BE-3C3BA3861C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "114BC59D-4035-4BC6-B697-9D10415CBDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB94274B-C1AF-4F87-B244-7BA4526F5D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98844A94-ABB6-41B4-A5B0-3101F54A3652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F522ECF-7F87-4A25-9CF3-0BCD99B4CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEB99EB-DA51-48BB-96BD-4D47D8839C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B3199-71BB-4EED-9D91-B6F941AD7BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB5D2A5-78E3-49C0-9A8D-397B21E03E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFCA848-72E8-4E33-A636-3D9009AAF870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A97A9988-C973-4ACF-BD37-570004F1AD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF73708F-4237-47BA-83B8-5999EED0EC28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content."
},
{
"lang": "es",
"value": "server/action.py en Fail2ban antes de v0.8.8 no controla correctamente el contenido de las etiquetas \u0027matches\u0027, lo que podr\u00eda permitir a atacantes remotos provocar conductas inseguras en un archivo de acci\u00f3n personalizado a trav\u00e9s de s\u00edmbolos no especificados en este contenido.\r\n"
}
],
"id": "CVE-2012-5642",
"lastModified": "2024-11-21T01:45:01.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-31T11:50:27.890",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30193056"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:078"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/12/17/2"
},
{
"source": "secalert@redhat.com",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447572"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887914"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/83109bc"
},
{
"source": "secalert@redhat.com",
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30193056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/12/17/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/83109bc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-28 23:55
Modified
2024-11-21 01:51
Severity ?
Summary
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | 0.1.0 | |
| fail2ban | fail2ban | 0.1.1 | |
| fail2ban | fail2ban | 0.1.2 | |
| fail2ban | fail2ban | 0.3.0 | |
| fail2ban | fail2ban | 0.3.1 | |
| fail2ban | fail2ban | 0.4.0 | |
| fail2ban | fail2ban | 0.4.1 | |
| fail2ban | fail2ban | 0.5.0 | |
| fail2ban | fail2ban | 0.5.1 | |
| fail2ban | fail2ban | 0.5.2 | |
| fail2ban | fail2ban | 0.5.3 | |
| fail2ban | fail2ban | 0.5.4 | |
| fail2ban | fail2ban | 0.5.5 | |
| fail2ban | fail2ban | 0.6.0 | |
| fail2ban | fail2ban | 0.6.1 | |
| fail2ban | fail2ban | 0.7.0 | |
| fail2ban | fail2ban | 0.7.1 | |
| fail2ban | fail2ban | 0.7.2 | |
| fail2ban | fail2ban | 0.7.3 | |
| fail2ban | fail2ban | 0.7.4 | |
| fail2ban | fail2ban | 0.7.5 | |
| fail2ban | fail2ban | 0.7.6 | |
| fail2ban | fail2ban | 0.7.7 | |
| fail2ban | fail2ban | 0.7.8 | |
| fail2ban | fail2ban | 0.7.9 | |
| fail2ban | fail2ban | 0.8.0 | |
| fail2ban | fail2ban | 0.8.1 | |
| fail2ban | fail2ban | 0.8.2 | |
| fail2ban | fail2ban | 0.8.3 | |
| fail2ban | fail2ban | 0.8.4 | |
| fail2ban | fail2ban | 0.8.5 | |
| fail2ban | fail2ban | 0.8.6 | |
| fail2ban | fail2ban | 0.8.7 | |
| fail2ban | fail2ban | 0.8.7.1 | |
| fail2ban | fail2ban | 0.8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249E5D85-A069-4C8C-9F4D-574DFA293EE9",
"versionEndIncluding": "0.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7750E527-5A05-4716-BF4A-B40EA9E34394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9C7EF4-DA9B-4ADF-A044-2AC8A2FC270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFD263-E347-43DD-80A6-D222FCEF23D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A0FEBA-647F-41F4-8590-7E8C7A49A36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40BBF7B9-57DB-4479-B2C3-8EB466185E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7847766-CF03-4BF1-BE69-09C50AEC3DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E004A754-3CCB-409D-B13A-DF735ED63971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9F5C0-7E85-40AC-A7AA-7442749E48D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2331299E-1834-4853-B38B-9E24A364EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B27B6-418F-4101-A4A1-6E887BF0BB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C2141-12A6-428A-9223-A0CA743BC020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0468228-10A0-4F72-BE85-D50ED3AA10B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E5BBF-3755-4DC8-840F-2466BB2B280D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "880958EA-3BE3-4F16-B323-3CA878BEB3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79FF61-80D6-4AB8-BC6F-6924AF9A0969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAD83B-AACD-4BCE-8900-8558C6F82D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "719BA249-7B47-488E-86BA-C08286FF8772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A88DA08A-A1C6-4BC1-9BC1-BE823207BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD346590-84C5-473E-9672-2E920C71B7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F288E708-A212-4007-A32A-3608C56C5F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7EEF2A-DC72-4F51-B168-237EFA637988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D366BB8-A4FB-44CC-94BE-3C3BA3861C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "114BC59D-4035-4BC6-B697-9D10415CBDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB94274B-C1AF-4F87-B244-7BA4526F5D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98844A94-ABB6-41B4-A5B0-3101F54A3652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F522ECF-7F87-4A25-9CF3-0BCD99B4CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEB99EB-DA51-48BB-96BD-4D47D8839C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B3199-71BB-4EED-9D91-B6F941AD7BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB5D2A5-78E3-49C0-9A8D-397B21E03E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFCA848-72E8-4E33-A636-3D9009AAF870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A97A9988-C973-4ACF-BD37-570004F1AD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF73708F-4237-47BA-83B8-5999EED0EC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B343D0B4-9A4C-4F33-AC91-7CF1E1CC7708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE0D31A-A9C2-48FF-B8FA-E65DDF6A9F7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request."
},
{
"lang": "es",
"value": "Los ficheros de configuraci\u00f3n apache-auth.conf, apache-nohome.conf, apache-noscript.conf, y apache-overflows.conf en Fail2ban anterior a v0.8.10 no valida correctamente los mensajes de registro, lo que permite a atacantes remotos bloquear direcciones IP arbitrarias a trav\u00e9s de ciertos mensajes en una solicitud."
}
],
"id": "CVE-2013-2178",
"lastModified": "2024-11-21T01:51:11.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-28T23:55:10.597",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2708"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/06/13/7"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17338"
},
{
"source": "secalert@redhat.com",
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"source": "secalert@redhat.com",
"url": "https://vndh.net/note:fail2ban-089-denial-service"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/06/13/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://vndh.net/note:fail2ban-089-denial-service"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-16 18:15
Modified
2024-11-21 06:07
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from mailutils package used in mail actions like `mail-whois` can execute command if unescaped sequences (`\n~`) are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action `mail-whois` or patch the vulnerability manually.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "681DE71A-B67E-440C-8E94-BDD104CBEB5B",
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9CD67F2-8F79-43DB-9E96-D2184A33D5E4",
"versionEndExcluding": "0.10.7",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1807742-38E3-4C0D-9857-2A70D1436681",
"versionEndExcluding": "0.11.3",
"versionStartIncluding": "0.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from mailutils package used in mail actions like `mail-whois` can execute command if unescaped sequences (`\\n~`) are available in \"foreign\" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action `mail-whois` or patch the vulnerability manually."
},
{
"lang": "es",
"value": "fail2ban es un demonio para banear hosts que causan m\u00faltiples errores de autenticaci\u00f3n. En versiones 0.9.7 y anteriores, versiones 0.10.0 hasta 0.10.6, y versiones 0.11.0 hasta 0.11.2, se presenta una vulnerabilidad que conlleva a una posible ejecuci\u00f3n de c\u00f3digo remota en la acci\u00f3n de correo mail-whois. El comando \"mail\" del paquete mailutils usado en acciones de correo como \"mail-whois\" puede ejecutar comando si se presentan secuencias sin may\u00fasculas (\"\\n~\") en la entrada \"foreign\" (por ejemplo, en la salida de whois). Para explotar la vulnerabilidad, un atacante necesitar\u00eda insertar caracteres maliciosos en la respuesta enviada por el servidor whois, ya sea por medio de un ataque MITM o al tomar el control de un servidor whois. El problema est\u00e1 parcheado en las versiones 0.10.7 y 0.11.3. Como soluci\u00f3n, se puede evitar el uso de la acci\u00f3n \"mail-whois\" o parchear la vulnerabilidad manualmente"
}
],
"id": "CVE-2021-32749",
"lastModified": "2024-11-21T06:07:39.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-16T18:15:08.270",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/"
},
{
"source": "security-advisories@github.com",
"url": "https://security.gentoo.org/glsa/202310-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-13"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-10 14:55
Modified
2024-11-21 01:11
Severity ?
Summary
The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | 0.1.0 | |
| fail2ban | fail2ban | 0.1.1 | |
| fail2ban | fail2ban | 0.1.2 | |
| fail2ban | fail2ban | 0.3.0 | |
| fail2ban | fail2ban | 0.3.1 | |
| fail2ban | fail2ban | 0.4.0 | |
| fail2ban | fail2ban | 0.4.1 | |
| fail2ban | fail2ban | 0.5.0 | |
| fail2ban | fail2ban | 0.5.1 | |
| fail2ban | fail2ban | 0.5.2 | |
| fail2ban | fail2ban | 0.5.3 | |
| fail2ban | fail2ban | 0.5.4 | |
| fail2ban | fail2ban | 0.5.5 | |
| fail2ban | fail2ban | 0.6.0 | |
| fail2ban | fail2ban | 0.6.1 | |
| fail2ban | fail2ban | 0.7.0 | |
| fail2ban | fail2ban | 0.7.1 | |
| fail2ban | fail2ban | 0.7.2 | |
| fail2ban | fail2ban | 0.7.3 | |
| fail2ban | fail2ban | 0.7.4 | |
| fail2ban | fail2ban | 0.7.5 | |
| fail2ban | fail2ban | 0.7.6 | |
| fail2ban | fail2ban | 0.7.7 | |
| fail2ban | fail2ban | 0.7.8 | |
| fail2ban | fail2ban | 0.7.9 | |
| fail2ban | fail2ban | 0.8.0 | |
| fail2ban | fail2ban | 0.8.1 | |
| fail2ban | fail2ban | 0.8.2 | |
| fail2ban | fail2ban | 0.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A48F7DB-369F-4457-AF72-80778B2455A0",
"versionEndIncluding": "0.8.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7750E527-5A05-4716-BF4A-B40EA9E34394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9C7EF4-DA9B-4ADF-A044-2AC8A2FC270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFD263-E347-43DD-80A6-D222FCEF23D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A0FEBA-647F-41F4-8590-7E8C7A49A36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40BBF7B9-57DB-4479-B2C3-8EB466185E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7847766-CF03-4BF1-BE69-09C50AEC3DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E004A754-3CCB-409D-B13A-DF735ED63971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9F5C0-7E85-40AC-A7AA-7442749E48D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2331299E-1834-4853-B38B-9E24A364EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B27B6-418F-4101-A4A1-6E887BF0BB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C2141-12A6-428A-9223-A0CA743BC020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0468228-10A0-4F72-BE85-D50ED3AA10B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E5BBF-3755-4DC8-840F-2466BB2B280D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "880958EA-3BE3-4F16-B323-3CA878BEB3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79FF61-80D6-4AB8-BC6F-6924AF9A0969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAD83B-AACD-4BCE-8900-8558C6F82D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "719BA249-7B47-488E-86BA-C08286FF8772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A88DA08A-A1C6-4BC1-9BC1-BE823207BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD346590-84C5-473E-9672-2E920C71B7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F288E708-A212-4007-A32A-3608C56C5F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7EEF2A-DC72-4F51-B168-237EFA637988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D366BB8-A4FB-44CC-94BE-3C3BA3861C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "114BC59D-4035-4BC6-B697-9D10415CBDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB94274B-C1AF-4F87-B244-7BA4526F5D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98844A94-ABB6-41B4-A5B0-3101F54A3652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F522ECF-7F87-4A25-9CF3-0BCD99B4CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEB99EB-DA51-48BB-96BD-4D47D8839C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B3199-71BB-4EED-9D91-B6F941AD7BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt."
},
{
"lang": "es",
"value": "Las acciones1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf y (4) mynetwatchman.conf en action.d/ en Fail2ban anterior a 0.8.5 permiten a usuarios locales escribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre archivos temporales con nombres previsibles, tal y como fue demostrado por /tmp/fail2ban-mail.txt."
}
],
"id": "CVE-2009-5023",
"lastModified": "2024-11-21T01:11:00.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-10T14:55:08.757",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/58841"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-03.xml"
},
{
"source": "secalert@redhat.com",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-01 15:55
Modified
2024-11-21 02:00
Severity ?
Summary
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | 0.1.0 | |
| fail2ban | fail2ban | 0.1.1 | |
| fail2ban | fail2ban | 0.1.2 | |
| fail2ban | fail2ban | 0.3.0 | |
| fail2ban | fail2ban | 0.3.1 | |
| fail2ban | fail2ban | 0.4.0 | |
| fail2ban | fail2ban | 0.4.1 | |
| fail2ban | fail2ban | 0.5.0 | |
| fail2ban | fail2ban | 0.5.1 | |
| fail2ban | fail2ban | 0.5.2 | |
| fail2ban | fail2ban | 0.5.3 | |
| fail2ban | fail2ban | 0.5.4 | |
| fail2ban | fail2ban | 0.5.5 | |
| fail2ban | fail2ban | 0.6.0 | |
| fail2ban | fail2ban | 0.6.1 | |
| fail2ban | fail2ban | 0.7.0 | |
| fail2ban | fail2ban | 0.7.1 | |
| fail2ban | fail2ban | 0.7.2 | |
| fail2ban | fail2ban | 0.7.3 | |
| fail2ban | fail2ban | 0.7.4 | |
| fail2ban | fail2ban | 0.7.5 | |
| fail2ban | fail2ban | 0.7.6 | |
| fail2ban | fail2ban | 0.7.7 | |
| fail2ban | fail2ban | 0.7.8 | |
| fail2ban | fail2ban | 0.7.9 | |
| fail2ban | fail2ban | 0.8.0 | |
| fail2ban | fail2ban | 0.8.1 | |
| fail2ban | fail2ban | 0.8.2 | |
| fail2ban | fail2ban | 0.8.3 | |
| fail2ban | fail2ban | 0.8.4 | |
| fail2ban | fail2ban | 0.8.5 | |
| fail2ban | fail2ban | 0.8.6 | |
| fail2ban | fail2ban | 0.8.7 | |
| fail2ban | fail2ban | 0.8.7.1 | |
| fail2ban | fail2ban | 0.8.8 | |
| fail2ban | fail2ban | 0.8.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "838C1143-CD41-4A2E-954A-7085F9B423A5",
"versionEndIncluding": "0.8.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7750E527-5A05-4716-BF4A-B40EA9E34394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9C7EF4-DA9B-4ADF-A044-2AC8A2FC270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFD263-E347-43DD-80A6-D222FCEF23D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A0FEBA-647F-41F4-8590-7E8C7A49A36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40BBF7B9-57DB-4479-B2C3-8EB466185E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7847766-CF03-4BF1-BE69-09C50AEC3DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E004A754-3CCB-409D-B13A-DF735ED63971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9F5C0-7E85-40AC-A7AA-7442749E48D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2331299E-1834-4853-B38B-9E24A364EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B27B6-418F-4101-A4A1-6E887BF0BB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C2141-12A6-428A-9223-A0CA743BC020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0468228-10A0-4F72-BE85-D50ED3AA10B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E5BBF-3755-4DC8-840F-2466BB2B280D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "880958EA-3BE3-4F16-B323-3CA878BEB3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79FF61-80D6-4AB8-BC6F-6924AF9A0969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAD83B-AACD-4BCE-8900-8558C6F82D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "719BA249-7B47-488E-86BA-C08286FF8772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A88DA08A-A1C6-4BC1-9BC1-BE823207BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD346590-84C5-473E-9672-2E920C71B7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F288E708-A212-4007-A32A-3608C56C5F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7EEF2A-DC72-4F51-B168-237EFA637988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D366BB8-A4FB-44CC-94BE-3C3BA3861C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "114BC59D-4035-4BC6-B697-9D10415CBDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB94274B-C1AF-4F87-B244-7BA4526F5D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98844A94-ABB6-41B4-A5B0-3101F54A3652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F522ECF-7F87-4A25-9CF3-0BCD99B4CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEB99EB-DA51-48BB-96BD-4D47D8839C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B3199-71BB-4EED-9D91-B6F941AD7BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB5D2A5-78E3-49C0-9A8D-397B21E03E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFCA848-72E8-4E33-A636-3D9009AAF870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A97A9988-C973-4ACF-BD37-570004F1AD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF73708F-4237-47BA-83B8-5999EED0EC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B343D0B4-9A4C-4F33-AC91-7CF1E1CC7708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE0D31A-A9C2-48FF-B8FA-E65DDF6A9F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA5FB9D-53F2-47FA-865F-0A8225BBC64F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
},
{
"lang": "es",
"value": "El fichero config/filter.d/cyrus-imap.conf del filtro de cyrus-imap en Fail2Ban anterior a 0.8.11 permite a atacantes remotos activar el bloqueo de direcciones IP arbitrarias a trav\u00e9s de una direcci\u00f3n de e-mail manipulada que coincida con una expresi\u00f3n regular dise\u00f1ada incorrectamente."
}
],
"id": "CVE-2013-7177",
"lastModified": "2024-11-21T02:00:26.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-01T15:55:04.153",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "cret@cert.org",
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-13 01:30
Modified
2024-11-21 00:59
Severity ?
Summary
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321."
},
{
"lang": "es",
"value": "el archivo filter.d/wuftpd.conf en Fail2ban v0.8.3 utiliza una expresi\u00f3n regular incorrecta que permite a los atacantes remotos causar una denegaci\u00f3n de servicio (fallos de autenticaci\u00f3n forzados) a trav\u00e9s de una entrada de nombre DNS de resoluci\u00f3n reversa (rhost) manipulada que contiene una subcadena que es interpretada como una direcci\u00f3n IP, diferente vulnerabilidad que CVE-2007-4321."
}
],
"id": "CVE-2009-0362",
"lastModified": "2024-11-21T00:59:43.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-13T01:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33890"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33734"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-01 15:55
Modified
2024-11-21 02:00
Severity ?
Summary
config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fail2ban | fail2ban | * | |
| fail2ban | fail2ban | 0.1.0 | |
| fail2ban | fail2ban | 0.1.1 | |
| fail2ban | fail2ban | 0.1.2 | |
| fail2ban | fail2ban | 0.3.0 | |
| fail2ban | fail2ban | 0.3.1 | |
| fail2ban | fail2ban | 0.4.0 | |
| fail2ban | fail2ban | 0.4.1 | |
| fail2ban | fail2ban | 0.5.0 | |
| fail2ban | fail2ban | 0.5.1 | |
| fail2ban | fail2ban | 0.5.2 | |
| fail2ban | fail2ban | 0.5.3 | |
| fail2ban | fail2ban | 0.5.4 | |
| fail2ban | fail2ban | 0.5.5 | |
| fail2ban | fail2ban | 0.6.0 | |
| fail2ban | fail2ban | 0.6.1 | |
| fail2ban | fail2ban | 0.7.0 | |
| fail2ban | fail2ban | 0.7.1 | |
| fail2ban | fail2ban | 0.7.2 | |
| fail2ban | fail2ban | 0.7.3 | |
| fail2ban | fail2ban | 0.7.4 | |
| fail2ban | fail2ban | 0.7.5 | |
| fail2ban | fail2ban | 0.7.6 | |
| fail2ban | fail2ban | 0.7.7 | |
| fail2ban | fail2ban | 0.7.8 | |
| fail2ban | fail2ban | 0.7.9 | |
| fail2ban | fail2ban | 0.8.0 | |
| fail2ban | fail2ban | 0.8.1 | |
| fail2ban | fail2ban | 0.8.2 | |
| fail2ban | fail2ban | 0.8.3 | |
| fail2ban | fail2ban | 0.8.4 | |
| fail2ban | fail2ban | 0.8.5 | |
| fail2ban | fail2ban | 0.8.6 | |
| fail2ban | fail2ban | 0.8.7 | |
| fail2ban | fail2ban | 0.8.7.1 | |
| fail2ban | fail2ban | 0.8.8 | |
| fail2ban | fail2ban | 0.8.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "838C1143-CD41-4A2E-954A-7085F9B423A5",
"versionEndIncluding": "0.8.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7750E527-5A05-4716-BF4A-B40EA9E34394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9C7EF4-DA9B-4ADF-A044-2AC8A2FC270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFD263-E347-43DD-80A6-D222FCEF23D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A0FEBA-647F-41F4-8590-7E8C7A49A36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40BBF7B9-57DB-4479-B2C3-8EB466185E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7847766-CF03-4BF1-BE69-09C50AEC3DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E004A754-3CCB-409D-B13A-DF735ED63971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF9F5C0-7E85-40AC-A7AA-7442749E48D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2331299E-1834-4853-B38B-9E24A364EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B27B6-418F-4101-A4A1-6E887BF0BB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C2141-12A6-428A-9223-A0CA743BC020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0468228-10A0-4F72-BE85-D50ED3AA10B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E5BBF-3755-4DC8-840F-2466BB2B280D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "880958EA-3BE3-4F16-B323-3CA878BEB3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79FF61-80D6-4AB8-BC6F-6924AF9A0969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAD83B-AACD-4BCE-8900-8558C6F82D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "719BA249-7B47-488E-86BA-C08286FF8772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A88DA08A-A1C6-4BC1-9BC1-BE823207BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD346590-84C5-473E-9672-2E920C71B7FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F288E708-A212-4007-A32A-3608C56C5F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7EEF2A-DC72-4F51-B168-237EFA637988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D366BB8-A4FB-44CC-94BE-3C3BA3861C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "114BC59D-4035-4BC6-B697-9D10415CBDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB94274B-C1AF-4F87-B244-7BA4526F5D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98844A94-ABB6-41B4-A5B0-3101F54A3652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F522ECF-7F87-4A25-9CF3-0BCD99B4CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEB99EB-DA51-48BB-96BD-4D47D8839C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B3199-71BB-4EED-9D91-B6F941AD7BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF239-5E91-4708-B594-FA825C69DFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB5D2A5-78E3-49C0-9A8D-397B21E03E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFCA848-72E8-4E33-A636-3D9009AAF870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A97A9988-C973-4ACF-BD37-570004F1AD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF73708F-4237-47BA-83B8-5999EED0EC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B343D0B4-9A4C-4F33-AC91-7CF1E1CC7708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE0D31A-A9C2-48FF-B8FA-E65DDF6A9F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:0.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA5FB9D-53F2-47FA-865F-0A8225BBC64F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
},
{
"lang": "es",
"value": "El fichero config/filter.d/postfix.conf del filtro de Postfix en Fail2Ban anterior a 0.8.11 permite a atacantes remotos activar el bloqueo de direcciones IP arbitrarias a trav\u00e9s de una direcci\u00f3n de e-mail manipulada que coincida con una expresi\u00f3n regular dise\u00f1ada incorrectamente."
}
],
"id": "CVE-2013-7176",
"lastModified": "2024-11-21T02:00:26.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-01T15:55:04.120",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "cret@cert.org",
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-06 19:28
Modified
2024-11-21 00:22
Severity ?
Summary
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6A500D-6B1A-44B7-879B-EB83141C2E7B",
"versionEndIncluding": "0.7.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address."
},
{
"lang": "es",
"value": "fail2ban 0.7.4 y anteriores no realizan de forma adecuada una an\u00e1lisis sint\u00e1ctico de los ficheros de log de sshd, lo cual permite a atacantes remotos a\u00f1adir hosts de su elecci\u00f3n en el fichero /etc/hosts.deny y provocar una denegaci\u00f3n de servicio a\u00f1adiendo direcciones IP de su elecci\u00f3n al fichero de log de sshd, como ha sido demostrado accediendo por ssh utilizando un nombre de acceso que contiene ciertas cadenas con una direcci\u00f3n IP."
}
],
"id": "CVE-2006-6302",
"lastModified": "2024-11-21T00:22:23.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-06T19:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=157166"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23237"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24184"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200702-05.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21469"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4877"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=157166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200702-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30739"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-32749
Vulnerability from cvelistv5
Published
2021-07-16 00:00
Modified
2024-08-03 23:33
Severity ?
EPSS score ?
Summary
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from mailutils package used in mail actions like `mail-whois` can execute command if unescaped sequences (`\n~`) are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action `mail-whois` or patch the vulnerability manually.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:54.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844"
},
{
"name": "FEDORA-2021-0ab8f6a19a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/"
},
{
"name": "FEDORA-2021-a18b79d182",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/"
},
{
"name": "GLSA-202310-13",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-13"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "fail2ban",
"vendor": "fail2ban",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.9.7"
},
{
"status": "affected",
"version": "\u003e= 0.10.0, \u003c= 0.10.6"
},
{
"status": "affected",
"version": "\u003e= 0.11.0, \u003c= 0.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from mailutils package used in mail actions like `mail-whois` can execute command if unescaped sequences (`\\n~`) are available in \"foreign\" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action `mail-whois` or patch the vulnerability manually."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T07:06:11.556870",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm"
},
{
"url": "https://github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9"
},
{
"url": "https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844"
},
{
"name": "FEDORA-2021-0ab8f6a19a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/"
},
{
"name": "FEDORA-2021-a18b79d182",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/"
},
{
"name": "GLSA-202310-13",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-13"
}
],
"source": {
"advisory": "GHSA-m985-3f3v-cwmm",
"discovery": "UNKNOWN"
},
"title": "Possible RCE vulnerability in mailing action using mailutils (mail-whois)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32749",
"datePublished": "2021-07-16T00:00:00",
"dateReserved": "2021-05-12T00:00:00",
"dateUpdated": "2024-08-03T23:33:54.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5642
Vulnerability from cvelistv5
Published
2012-12-31 11:00
Modified
2024-08-06 21:14
Severity ?
EPSS score ?
Summary
server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/12/17/2 | mailing-list, x_refsource_MLIST | |
| https://github.com/fail2ban/fail2ban/commit/83109bc | x_refsource_CONFIRM | |
| http://sourceforge.net/mailarchive/message.php?msg_id=30193056 | mailing-list, x_refsource_MLIST | |
| https://raw.github.com/fail2ban/fail2ban/master/ChangeLog | x_refsource_CONFIRM | |
| https://bugs.gentoo.org/show_bug.cgi?id=447572 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2013-04/msg00002.html | vendor-advisory, x_refsource_SUSE | |
| https://bugzilla.redhat.com/show_bug.cgi?id=887914 | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:078 | vendor-advisory, x_refsource_MANDRIVA | |
| http://lists.opensuse.org/opensuse-updates/2013-04/msg00001.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20121217 Re: CVE request: fail2ban 0.8.8 fixes an input variable quoting flaw on \u003cmatches\u003e content",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/17/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/commit/83109bc"
},
{
"name": "[fail2ban-users] 20121206 0.8.8 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30193056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447572"
},
{
"name": "openSUSE-SU-2013:0567",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887914"
},
{
"name": "MDVSA-2013:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:078"
},
{
"name": "openSUSE-SU-2013:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-02T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20121217 Re: CVE request: fail2ban 0.8.8 fixes an input variable quoting flaw on \u003cmatches\u003e content",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/17/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fail2ban/fail2ban/commit/83109bc"
},
{
"name": "[fail2ban-users] 20121206 0.8.8 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=30193056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447572"
},
{
"name": "openSUSE-SU-2013:0567",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887914"
},
{
"name": "MDVSA-2013:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:078"
},
{
"name": "openSUSE-SU-2013:0566",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00001.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5642",
"datePublished": "2012-12-31T11:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:14:16.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7177
Vulnerability from cvelistv5
Published
2014-02-01 15:00
Modified
2024-08-06 18:01
Severity ?
EPSS score ?
Summary
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/686662 | third-party-advisory, x_refsource_CERT-VN | |
| https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2014/dsa-2979 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:19.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#686662",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-13T13:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#686662",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-7177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#686662",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"name": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087",
"refsource": "CONFIRM",
"url": "https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087"
},
{
"name": "openSUSE-SU-2014:0348",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-7177",
"datePublished": "2014-02-01T15:00:00",
"dateReserved": "2013-12-19T00:00:00",
"dateUpdated": "2024-08-06T18:01:19.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0362
Vulnerability from cvelistv5
Published
2009-02-13 01:00
Modified
2024-09-16 20:26
Severity ?
EPSS score ?
Summary
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33890 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/33734 | vdb-entry, x_refsource_BID | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33890"
},
{
"name": "33734",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-13T01:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33890"
},
{
"name": "33734",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33890"
},
{
"name": "33734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33734"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0362",
"datePublished": "2009-02-13T01:00:00Z",
"dateReserved": "2009-01-29T00:00:00Z",
"dateUpdated": "2024-09-16T20:26:16.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6302
Vulnerability from cvelistv5
Published
2006-12-06 19:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-200702-05.xml | vendor-advisory, x_refsource_GENTOO | |
| http://bugs.gentoo.org/show_bug.cgi?id=157166 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/23237 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/24184 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30739 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/21469 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/4877 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200702-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200702-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=157166"
},
{
"name": "23237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23237"
},
{
"name": "24184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24184"
},
{
"name": "fail2ban-log-message-dos(30739)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30739"
},
{
"name": "21469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21469"
},
{
"name": "ADV-2006-4877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4877"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200702-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200702-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=157166"
},
{
"name": "23237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23237"
},
{
"name": "24184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24184"
},
{
"name": "fail2ban-log-message-dos(30739)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30739"
},
{
"name": "21469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21469"
},
{
"name": "ADV-2006-4877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4877"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200702-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200702-05.xml"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=157166",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=157166"
},
{
"name": "23237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23237"
},
{
"name": "24184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24184"
},
{
"name": "fail2ban-log-message-dos(30739)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30739"
},
{
"name": "21469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21469"
},
{
"name": "ADV-2006-4877",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4877"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6302",
"datePublished": "2006-12-06T19:00:00",
"dateReserved": "2006-12-05T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2178
Vulnerability from cvelistv5
Published
2013-08-28 17:18
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17338 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.openwall.com/lists/oss-security/2013/06/13/7 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2013/dsa-2708 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| https://raw.github.com/fail2ban/fail2ban/master/ChangeLog | x_refsource_CONFIRM | |
| https://vndh.net/note:fail2ban-089-denial-service | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17338"
},
{
"name": "[oss-security] 20130613 Re: Re: Fail2ban 0.8.9, Denial of Service (Apache rules only)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/13/7"
},
{
"name": "DSA-2708",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2708"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vndh.net/note:fail2ban-089-denial-service"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17338"
},
{
"name": "[oss-security] 20130613 Re: Re: Fail2ban 0.8.9, Denial of Service (Apache rules only)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/13/7"
},
{
"name": "DSA-2708",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2708"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://raw.github.com/fail2ban/fail2ban/master/ChangeLog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vndh.net/note:fail2ban-089-denial-service"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2178",
"datePublished": "2013-08-28T17:18:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7176
Vulnerability from cvelistv5
Published
2014-02-01 15:00
Modified
2024-08-06 18:01
Severity ?
EPSS score ?
Summary
config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/686662 | third-party-advisory, x_refsource_CERT-VN | |
| http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2014/dsa-2979 | vendor-advisory, x_refsource_DEBIAN | |
| https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:20.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#686662",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-13T13:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#686662",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"name": "openSUSE-SU-2014:0348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-7176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#686662",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/686662"
},
{
"name": "openSUSE-SU-2014:0348",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"
},
{
"name": "DSA-2979",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2979"
},
{
"name": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821",
"refsource": "CONFIRM",
"url": "https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-7176",
"datePublished": "2014-02-01T15:00:00",
"dateReserved": "2013-12-19T00:00:00",
"dateUpdated": "2024-08-06T18:01:20.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5023
Vulnerability from cvelistv5
Published
2014-06-10 14:00
Modified
2024-08-07 07:24
Severity ?
EPSS score ?
Summary
The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-201406-03.xml | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58841 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog"
},
{
"name": "GLSA-201406-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232"
},
{
"name": "58841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58841"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-10T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fail2ban/fail2ban/blob/sdist/0.8.5/ChangeLog"
},
{
"name": "GLSA-201406-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232"
},
{
"name": "58841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58841"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5023",
"datePublished": "2014-06-10T14:00:00",
"dateReserved": "2010-12-09T00:00:00",
"dateUpdated": "2024-08-07T07:24:54.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4321
Vulnerability from cvelistv5
Published
2007-08-14 00:00
Modified
2024-08-07 14:53
Severity ?
EPSS score ?
Summary
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2008/dsa-1456 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/23237 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/42484 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/25117 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/28374 | third-party-advisory, x_refsource_SECUNIA | |
| http://bugs.gentoo.org/show_bug.cgi?id=181214 | x_refsource_MISC | |
| http://security.gentoo.org/glsa/glsa-200707-13.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.ossec.net/en/attacking-loganalysis.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1456",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1456"
},
{
"name": "23237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23237"
},
{
"name": "42484",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42484"
},
{
"name": "25117",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25117"
},
{
"name": "28374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28374"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=181214"
},
{
"name": "GLSA-200707-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200707-13.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-01-12T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1456",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1456"
},
{
"name": "23237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23237"
},
{
"name": "42484",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42484"
},
{
"name": "25117",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25117"
},
{
"name": "28374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28374"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=181214"
},
{
"name": "GLSA-200707-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200707-13.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1456",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1456"
},
{
"name": "23237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23237"
},
{
"name": "42484",
"refsource": "OSVDB",
"url": "http://osvdb.org/42484"
},
{
"name": "25117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25117"
},
{
"name": "28374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28374"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=181214",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=181214"
},
{
"name": "GLSA-200707-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200707-13.xml"
},
{
"name": "http://www.ossec.net/en/attacking-loganalysis.html",
"refsource": "MISC",
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4321",
"datePublished": "2007-08-14T00:00:00",
"dateReserved": "2007-08-13T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}