254 matches found
WordPress WP fail2ban plugin < 4.4.0.3 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP fail2ban plugin versions 4.4.0.3. Solution Update the WordPress WP fail2ban plugin to the latest available version at least 4.4.0.3...
SentryPeer - A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot
A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to bloc...
Mageia: Security Advisory (MGASA-2021-0464)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0192)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0176)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4Shell Honeypot Enhanced dockerized honeypot for CVE-2021...
Fedora: Security Advisory for fail2ban (FEDORA-2021-a18b79d182)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: fail2ban-0.11.2-9.fc35
Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of...
FreeBSD : fail2ban -- possible RCE vulnerability in mailing action using mailutils (c848059a-318b-11ec-aa15-0800270512f4)
Jakub Zoczek reports : Command mail from mailutils package used in mail actions like mail-whois can execute command if unescaped sequences \n are available in 'foreign' input for instance in whois output. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...
Fedora: Security Advisory for fail2ban (FEDORA-2021-0ab8f6a19a)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: fail2ban-0.11.2-9.fc34
Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of...
MGASA-2021-0464 Updated fail2ban packages fix security vulnerability
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...
Updated fail2ban packages fix security vulnerability
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...
openSUSE 15 Security Update : fail2ban (openSUSE-SU-2021:1274-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1274-1 advisory. - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 throug...
openSUSE: Security Advisory for fail2ban (openSUSE-SU-2021:1274-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for fail2ban (important)
openSUSE Security Update: Security update for fail2ban Announcement ID: openSUSE-SU-2021:1274-1 Rating: important References: 1145181 1146856 1180738 1188610 Cross-References: CVE-2021-32749 CVSS scores: CVE-2021-32749 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products:...
The vulnerability of the fail2ban software, related to errors in the checking function, allows a violator to execute arbitrary code.
The vulnerability of the fail2ban software is related to errors in the mail-whois function’s validation process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...
Remote Code Execution
fail2ban is vulnerable to remote code execution. The mailing action mail-whois command mail from mailutils package used in mail actions like mail-whois can execute command allows an attacker to execute arbitrary commands due to unescaped sequences \n in foreign input...
CVE-2021-32749
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...
CVE-2021-32749
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...