Lucene search
K

254 matches found

securityvulns
securityvulns
added 2007/07/30 12:0 a.m.22 views

Fail2ban DoS

No description provided...

0.7AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/07/30 12:0 a.m.25 views

GLSA-200707-13 : Fail2ban: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200707-13 Fail2ban: Denial of Service A vulnerability has been discovered in Fail2ban when parsing log files. Impact : A remote attacker could send specially crafted SSH login banners to the vulnerable host, which would prevent an...

6.8CVSS5.4AI score0.05748EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2007/07/28 12:0 a.m.27 views

Fail2ban: Denial of service

Background Fail2ban is a tool for parsing log files and banning IP addresses which make too many password failures. Description A vulnerability has been discovered in Fail2ban when parsing log files. Impact A remote attacker could send specially crafted SSH login banners to the vulnerable host,...

6.8CVSS6.4AI score0.05748EPSS
Exploits0
exploitpack
exploitpack
added 2007/07/28 12:0 a.m.14 views

Fail2ban 0.8 - Remote Denial of Service

Fail2ban 0.8 - Remote Denial of Service source: https://www.securityfocus.com/bid/25117/info Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages. Successfully exploiting this issue allows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/28 12:0 a.m.20 views

Fail2ban 0.8 - Remote Denial of Service

source: https://www.securityfocus.com/bid/25117/info Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages. Successfully exploiting this issue allows remote attackers to add arbitrary IP...

7.4AI score
Exploits0
Fedora
Fedora
added 2007/06/21 8:7 p.m.19 views

[SECURITY] Fedora 7 Update: fail2ban-0.8.0-9.fc7

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2007/06/11 12:0 a.m.81 views

Remote log injection on DenyHosts, Fail2ban and BlockHosts

Hi List, DenyHosts, Fail2ban and BlockHosts are vulnerable to remote log injection that can lead to arbitrarily injection of IP addresses in /etc/hosts.deny. To make it more "interesting", not only IP addresses can be added, but also the wild card "all", causing it to block the whole Internet out...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/17 12:0 a.m.17 views

GLSA-200702-05 : Fail2ban: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200702-05 Fail2ban: Denial of Service A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact : A remote attacker can add arbitrary hosts to...

5CVSS5.8AI score0.01762EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/02/16 12:0 a.m.28 views

Fail2ban: Denial of service

Background Fail2ban monitors log files for failed authentication attempts and can block hosts responsible for repeated attacks. Description A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact A remote...

5CVSS6.8AI score0.01762EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/06 7:28 p.m.5 views

CVE-2006-6302

fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...

5CVSS5.8AI score0.01762EPSS
Exploits0References8
NVD
NVD
added 2006/12/06 7:28 p.m.18 views

CVE-2006-6302

fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...

5CVSS6.7AI score0.01762EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2006/12/06 7:0 p.m.29 views

CVE-2006-6302

fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...

5CVSS6.4AI score0.01762EPSS
Exploits0
Cvelist
Cvelist
added 2006/12/06 7:0 p.m.17 views

CVE-2006-6302

fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containi...

6.6AI score0.01762EPSS
Exploits0References7
CVE
CVE
added 2006/12/06 7:0 p.m.53 views

CVE-2006-6302

The CVE-2006-6302 entry concerns fail2ban 0.7.4 and earlier, which do not correctly parse sshd log files. This allows remote attackers to forge entries in the authentication log that result in adding arbitrary hosts to the /etc/hosts.deny block list, causing a denial of service. Affected componen...

5CVSS6.6AI score0.01762EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder