Lucene search
+L

256 matches found

OSV
OSV
added 2014/06/10 2:55 p.m.2 views

DEBIAN-CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

4.7CVSS6.7AI score0.0034EPSS
Exploits0References1
Prion
Prion
added 2014/06/10 2:55 p.m.9 views

Design/Logic Flaw

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

4.7CVSS6.5AI score0.0034EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2014/06/10 2:55 p.m.3 views

CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

4.7CVSS5.6AI score0.0034EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2014/06/10 2:55 p.m.13 views

CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

4.7CVSS6AI score0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/06/10 2:0 p.m.24 views

CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

6.2AI score0.0034EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2014/06/10 2:0 p.m.29 views

CVE-2009-5023

The 1 dshield.conf, 2 mail-buffered.conf, 3 mynetwatchman.conf, and 4 mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt...

4.7CVSS6.2AI score0.0034EPSS
Exploits0
CVE
CVE
added 2014/06/10 2:0 p.m.49 views

CVE-2009-5023

CVE-2009-5023 affects Fail2ban prior to 0.8.5. A symlink race in temporary files used by actions (notably in action.d/ and the files dshield.conf, mail-buffered.conf, mynetwatchman.conf) allows local users to write to arbitrary files, demonstrated by /tmp/fail2ban-mail.txt. Root cause: predictabl...

4.7CVSS6.3AI score0.0034EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/02 12:0 a.m.31 views

GLSA-201406-03 : Fail2ban: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201406-03 Fail2ban: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Fail2ban. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a crafted URL to a websi...

5CVSS5.8AI score0.03235EPSS
Exploits1References4
Gentoo Linux
Gentoo Linux
added 2014/06/01 12:0 a.m.29 views

Fail2ban: Multiple vulnerabilities

Background Fail2ban is a tool for parsing log files and banning IP addresses which show suspicious behavior. Description Multiple vulnerabilities have been discovered in Fail2ban. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a crafted URL to ...

5CVSS6.6AI score0.03235EPSS
Exploits1
Mageia
Mageia
added 2014/04/16 1:12 p.m.35 views

Updated fail2ban packages fix security issues

An update to fail2ban 0.8.13 has been released to fix security issues, amongst other bugfixes. fail2ban versions prior to 0.8.11 would allow a remote unauthenticated attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...

5CVSS6.5AI score0.03235EPSS
Exploits2References3
OSV
OSV
added 2014/04/16 1:12 p.m.9 views

MGASA-2014-0176 Updated fail2ban packages fix security issues

An update to fail2ban 0.8.13 has been released to fix security issues, amongst other bugfixes. fail2ban versions prior to 0.8.11 would allow a remote unauthenticated attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...

5CVSS8AI score0.03235EPSS
Exploits2References4
NVD
NVD
added 2014/02/01 3:55 p.m.10 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.4AI score0.03235EPSS
Exploits1References4
NVD
NVD
added 2014/02/01 3:55 p.m.16 views

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.4AI score0.03235EPSS
Exploits1References4
OSV
OSV
added 2014/02/01 3:55 p.m.9 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

7.8AI score
Exploits0References5
OSV
OSV
added 2014/02/01 3:55 p.m.3 views

DEBIAN-CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.8AI score0.03235EPSS
Exploits1References1
OSV
OSV
added 2014/02/01 3:55 p.m.11 views

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

7.8AI score
Exploits0References5
OSV
OSV
added 2014/02/01 3:55 p.m.2 views

DEBIAN-CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.5AI score0.03235EPSS
Exploits1References1
Prion
Prion
added 2014/02/01 3:55 p.m.9 views

Design/Logic Flaw

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS7AI score0.03235EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2014/02/01 3:55 p.m.11 views

Design/Logic Flaw

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS7AI score0.03235EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2014/02/01 3:55 p.m.15 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6AI score0.03235EPSS
Exploits1References3
Rows per page
Query Builder