Lucene search
+L

256 matches found

UbuntuCve
UbuntuCve
added 2014/02/01 3:55 p.m.20 views

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6AI score0.03235EPSS
Exploits1References3
OSV
OSV
added 2014/02/01 3:55 p.m.5 views

UBUNTU-CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS5.9AI score0.03235EPSS
Exploits1References4
OSV
OSV
added 2014/02/01 3:55 p.m.4 views

UBUNTU-CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS5.9AI score0.03235EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2014/02/01 3:0 p.m.56 views

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.4AI score0.03235EPSS
Exploits1
Debian CVE
Debian CVE
added 2014/02/01 3:0 p.m.44 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

5CVSS6.4AI score0.03235EPSS
Exploits1
CVE
CVE
added 2014/02/01 3:0 p.m.60 views

CVE-2013-7176

CVE-2013-7176 affects Fail2ban, where config/filter.d/postfix.conf in the Fail2ban filter could allow a remote attacker to trigger an IP ban on an arbitrary address via a crafted email address due to an improperly designed regular expression. The issue is addressed in Debian security advisories w...

5CVSS6.5AI score0.03235EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2014/02/01 3:0 p.m.63 views

CVE-2013-7177

Summary of CVE-2013-7177 : Fail2ban (vulnerable up to 0.8.10) contains a faulty cyrus-imap failregex in its config filter (config/filter.d/cyrus-imap.conf). The improper design allows remote attackers to trigger the banning of an arbitrary IP via a crafted email address, due to regex weaknesses i...

5CVSS6.5AI score0.03235EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.23 views

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

6.3AI score0.03235EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.29 views

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

6.3AI score0.03235EPSS
Exploits1References4
CERT
CERT
added 2014/01/28 12:0 a.m.26 views

Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities

Overview Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. If users have not deployed either of these filters then they are not affected. Description Fail2ban versions prior to...

5CVSS6.2AI score0.03235EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.20 views

Amazon Linux AMI : fail2ban (ALAS-2013-209)

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request. C Tenable Network Security, Inc. The...

5CVSS5.4AI score0.01763EPSS
Exploits0References2
OSV
OSV
added 2013/08/28 11:55 p.m.5 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

6.5AI score
Exploits0References6
NVD
NVD
added 2013/08/28 11:55 p.m.8 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

5CVSS6.6AI score0.01763EPSS
Exploits0References6
OSV
OSV
added 2013/08/28 11:55 p.m.3 views

DEBIAN-CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

5CVSS7.1AI score0.01763EPSS
Exploits0References1
Prion
Prion
added 2013/08/28 11:55 p.m.9 views

Cross site request forgery (csrf)

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

5CVSS7.1AI score0.01763EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2013/08/28 11:55 p.m.28 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

5CVSS6AI score0.01763EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/08/28 5:18 p.m.25 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

6.4AI score0.01763EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2013/08/28 5:18 p.m.20 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

5CVSS6.5AI score0.01763EPSS
Exploits0
CVE
CVE
added 2013/08/28 5:18 p.m.78 views

CVE-2013-2178

The CVE-2013-2178 vulnerability affects Fail2ban before 0.8.10, where the files apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf do not properly validate log messages. This allows a remote attacker to block arbitrary IP addresses by crafting specific messages ...

5CVSS6.5AI score0.01763EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.41 views

Fail2ban 0.8.9, Denial of Service (Apache rules only)

Version 0.8.9 latest of Fail2ban allows to perform remote denial of service for arbitrary chosen IP address. Address listed on Fail2ban's whitelist are not affected. The vulnerability exists in Apache rules and it is caused by improper validation of a log file by regular expression. Malicious use...

0.5AI score
Exploits0
Rows per page
Query Builder