Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.20 views

GLSA-202310-13 : GNU Mailutils: unexpected processsing of escape sequences

The remote host is affected by the vulnerability described in GLSA-202310-13 GNU Mailutils: unexpected processsing of escape sequences - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, ther...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.62 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Fail2ban vulnerability (USN-5232-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5232-1 advisory. Jakub oczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain...

8.1CVSS7.8AI score0.03621EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2021-0464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.03621EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/10/30 12:0 a.m.14 views

Fedora: Security Advisory for fail2ban (FEDORA-2021-a18b79d182)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.2AI score0.03621EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.25 views

FreeBSD : fail2ban -- possible RCE vulnerability in mailing action using mailutils (c848059a-318b-11ec-aa15-0800270512f4)

Jakub Zoczek reports : Command mail from mailutils package used in mail actions like mail-whois can execute command if unescaped sequences \n are available in 'foreign' input for instance in whois output. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

8.1CVSS7.7AI score0.03621EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/09/17 12:0 a.m.60 views

openSUSE 15 Security Update : fail2ban (openSUSE-SU-2021:1274-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1274-1 advisory. - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 throug...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/09/17 12:0 a.m.11 views

openSUSE: Security Advisory for fail2ban (openSUSE-SU-2021:1274-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/09/16 12:0 a.m.49 views

Security update for fail2ban (important)

openSUSE Security Update: Security update for fail2ban Announcement ID: openSUSE-SU-2021:1274-1 Rating: important References: 1145181 1146856 1180738 1188610 Cross-References: CVE-2021-32749 CVSS scores: CVE-2021-32749 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products:...

8.1CVSS8AI score0.03621EPSS
Exploits1References4
Circl
Circl
added 2021/08/02 11:3 a.m.9 views

CVE-2021-32749

creationtimestamp| type| source ---|---|--- 2021-08-02 11:03:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3974 2021-08-23 16:09:03+00:00| seen| MISP/29eba91f-a00b-4ee9-b3d3-3771b0ce1240 2024-11-14 06:09:45+00:00| seen| MISP/f4c535ee-a3a1-4a60-a7f7-66209fa54e86...

8.1CVSS7.8AI score0.03621EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/07/16 12:0 a.m.31 views

CVE-2021-32749 Possible RCE vulnerability in mailing action using mailutils (mail-whois)

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

6.1CVSS8.7AI score0.03621EPSS
Exploits1References6
CVE
CVE
added 2021/07/16 12:0 a.m.184 views

CVE-2021-32749

CVE-2021-32749 affects fail2ban before fixed versions. A vulnerability in the mailing action mail-whois allows remote code execution if unescaped sequences (\n~) in foreign input (e.g., whois outputs) are processed by the mail command. Exploitation requires attacker-supplied input via MITM or com...

8.1CVSS7.5AI score0.03621EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder