12 matches found
Mageia: Security Advisory (MGASA-2014-0176)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-21-1 : fail2ban security update
Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch as of 0.8.13-29-g09b2016 : - CVE-2013-7176: postfix.conf - anchored on the front, expects 'postfix/smtpd' prefix in the log line - CVE-2013-7177: cyrus-imap.conf - anchored on the...
DLA-0021-1 fail2ban - security update
Bulletin has no description...
[SECURITY] [DSA 2979-1] fail2ban security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2979-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 17, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2979-1] fail2ban security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2979-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 17, 2014 http://www.debian.org/security/faq -...
openSUSE Security Update : fail2ban (openSUSE-SU-2014:0348-1)
The fail2ban tool was updated to version 0.8.12 to fix various security issues and also brings bugfixes and features. Security issues fixed: A remote unauthenticated attacker may cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...
CVE-2013-7177
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...
CVE-2013-7177
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...
CVE-2013-7177
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...
CVE-2013-7177
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...
CVE-2013-7177
Summary of CVE-2013-7177 : Fail2ban (vulnerable up to 0.8.10) contains a faulty cyrus-imap failregex in its config filter (config/filter.d/cyrus-imap.conf). The improper design allows remote attackers to trigger the banning of an arbitrary IP via a crafted email address, due to regex weaknesses i...
Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities
Overview Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. If users have not deployed either of these filters then they are not affected. Description Fail2ban versions prior to...