254 matches found
Fail2ban DoS
No description provided...
GLSA-200707-13 : Fail2ban: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200707-13 Fail2ban: Denial of Service A vulnerability has been discovered in Fail2ban when parsing log files. Impact : A remote attacker could send specially crafted SSH login banners to the vulnerable host, which would prevent an...
Fail2ban: Denial of service
Background Fail2ban is a tool for parsing log files and banning IP addresses which make too many password failures. Description A vulnerability has been discovered in Fail2ban when parsing log files. Impact A remote attacker could send specially crafted SSH login banners to the vulnerable host,...
Fail2ban 0.8 - Remote Denial of Service
Fail2ban 0.8 - Remote Denial of Service source: https://www.securityfocus.com/bid/25117/info Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages. Successfully exploiting this issue allows...
Fail2ban 0.8 - Remote Denial of Service
source: https://www.securityfocus.com/bid/25117/info Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages. Successfully exploiting this issue allows remote attackers to add arbitrary IP...
[SECURITY] Fedora 7 Update: fail2ban-0.8.0-9.fc7
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address...
Remote log injection on DenyHosts, Fail2ban and BlockHosts
Hi List, DenyHosts, Fail2ban and BlockHosts are vulnerable to remote log injection that can lead to arbitrarily injection of IP addresses in /etc/hosts.deny. To make it more "interesting", not only IP addresses can be added, but also the wild card "all", causing it to block the whole Internet out...
GLSA-200702-05 : Fail2ban: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200702-05 Fail2ban: Denial of Service A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact : A remote attacker can add arbitrary hosts to...
Fail2ban: Denial of service
Background Fail2ban monitors log files for failed authentication attempts and can block hosts responsible for repeated attacks. Description A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact A remote...
CVE-2006-6302
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...
CVE-2006-6302
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...
CVE-2006-6302
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...
CVE-2006-6302
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...
CVE-2006-6302
The CVE-2006-6302 entry concerns fail2ban 0.7.4 and earlier, which do not correctly parse sshd log files. This allows remote attackers to forge entries in the authentication log that result in adding arbitrary hosts to the /etc/hosts.deny block list, causing a denial of service. Affected componen...