config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | fail2ban | < 0.8.11-1 | fail2ban_0.8.11-1_all.deb |
Debian | 11 | all | fail2ban | < 0.8.11-1 | fail2ban_0.8.11-1_all.deb |
Debian | 10 | all | fail2ban | < 0.8.11-1 | fail2ban_0.8.11-1_all.deb |
Debian | 999 | all | fail2ban | < 0.8.11-1 | fail2ban_0.8.11-1_all.deb |
Debian | 13 | all | fail2ban | < 0.8.11-1 | fail2ban_0.8.11-1_all.deb |