11 matches found
EUVD-2007-2757
Malware in sbrugna...
EUVD-2007-4305
Malware in sbrugna...
CVE-2007-4322
BlockHosts before 2.0.4 does not properly parse 1 sshd and 2 vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh wi...
Design/Logic Flaw
BlockHosts before 2.0.4 does not properly parse 1 sshd and 2 vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh wi...
CVE-2007-4322
BlockHosts before 2.0.4 does not properly parse 1 sshd and 2 vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh wi...
CVE-2007-4322
BlockHosts vulnerability CVE-2007-4322 affects BlockHosts before 2.0.4 and CVE-2007-2765 affects BlockHosts before 2.0.3. The issue is improper parsing of daemon log files (sshd/vsftpd) that allows remote attackers to inject arbitrary deny entries into /etc/hosts.allow and cause a denial of servi...
Remote log injection on DenyHosts, Fail2ban and BlockHosts
Hi List, DenyHosts, Fail2ban and BlockHosts are vulnerable to remote log injection that can lead to arbitrarily injection of IP addresses in /etc/hosts.deny. To make it more "interesting", not only IP addresses can be added, but also the wild card "all", causing it to block the whole Internet out...
CVE-2007-2765
blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ss...
Design/Logic Flaw
blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ss...
CVE-2007-2765
CVE-2007-2765 concerns BlockHosts prior to 2.0.3, where improper parsing of daemon logs lets remote attackers add arbitrary entries to /etc/hosts.allow, enabling a denial of service by injecting IPs into a log file. Related entries (e.g., CVE-2007-4322/4323) describe a similar issue affecting Blo...
CVE-2007-2765
blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ss...