Lucene search
K

254 matches found

Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress WP fail2ban plugin < 4.4.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP fail2ban plugin versions 4.4.0.3. Solution Update the WordPress WP fail2ban plugin to the latest available version at least 4.4.0.3...

2.2AI score
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2022/02/05 8:30 p.m.45 views

SentryPeer - A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot

A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to bloc...

7.1AI score
Exploits0References13
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2021-0464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.03621EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.8 views

Mageia: Security Advisory (MGASA-2013-0192)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.01763EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2014-0176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.03235EPSS
Exploits2References5
GithubExploit
GithubExploit
added 2021/12/15 9:9 p.m.53 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4Shell Honeypot Enhanced dockerized honeypot for CVE-2021...

10CVSS7AI score0.99999EPSS
Exploits351
OpenVAS
OpenVAS
added 2021/10/30 12:0 a.m.14 views

Fedora: Security Advisory for fail2ban (FEDORA-2021-a18b79d182)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.2AI score0.03621EPSS
Exploits1References2
Fedora
Fedora
added 2021/10/29 11:23 p.m.33 views

[SECURITY] Fedora 35 Update: fail2ban-0.11.2-9.fc35

Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of...

8.1CVSS7.3AI score0.03621EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.24 views

FreeBSD : fail2ban -- possible RCE vulnerability in mailing action using mailutils (c848059a-318b-11ec-aa15-0800270512f4)

Jakub Zoczek reports : Command mail from mailutils package used in mail actions like mail-whois can execute command if unescaped sequences \n are available in 'foreign' input for instance in whois output. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

8.1CVSS7.7AI score0.03621EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.13 views

Fedora: Security Advisory for fail2ban (FEDORA-2021-0ab8f6a19a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.2AI score0.03621EPSS
Exploits1References2
Fedora
Fedora
added 2021/10/19 12:37 a.m.26 views

[SECURITY] Fedora 34 Update: fail2ban-0.11.2-9.fc34

Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of...

8.1CVSS7.3AI score0.03621EPSS
Exploits1
OSV
OSV
added 2021/10/06 7:41 p.m.11 views

MGASA-2021-0464 Updated fail2ban packages fix security vulnerability

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.3AI score0.03621EPSS
Exploits1References5
Mageia
Mageia
added 2021/10/06 7:41 p.m.31 views

Updated fail2ban packages fix security vulnerability

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS3.2AI score0.03621EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/09/17 12:0 a.m.59 views

openSUSE 15 Security Update : fail2ban (openSUSE-SU-2021:1274-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1274-1 advisory. - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 throug...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/09/17 12:0 a.m.11 views

openSUSE: Security Advisory for fail2ban (openSUSE-SU-2021:1274-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/09/16 12:0 a.m.49 views

Security update for fail2ban (important)

openSUSE Security Update: Security update for fail2ban Announcement ID: openSUSE-SU-2021:1274-1 Rating: important References: 1145181 1146856 1180738 1188610 Cross-References: CVE-2021-32749 CVSS scores: CVE-2021-32749 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products:...

8.1CVSS8AI score0.03621EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/08/05 12:0 a.m.6 views

The vulnerability of the fail2ban software, related to errors in the checking function, allows a violator to execute arbitrary code.

The vulnerability of the fail2ban software is related to errors in the mail-whois function’s validation process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

10CVSS8AI score0.03621EPSS
Exploits1References8Affected Software3
Veracode
Veracode
added 2021/07/19 12:16 a.m.24 views

Remote Code Execution

fail2ban is vulnerable to remote code execution. The mailing action mail-whois command mail from mailutils package used in mail actions like mail-whois can execute command allows an attacker to execute arbitrary commands due to unescaped sequences \n in foreign input...

8.1CVSS5.3AI score0.03621EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2021/07/16 6:15 p.m.24 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.1AI score
Exploits0References6
NVD
NVD
added 2021/07/16 6:15 p.m.15 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS0.03621EPSS
Exploits1References6
Rows per page
Query Builder