Lucene search
+L

256 matches found

OSV
OSV
added 2021/07/16 6:15 p.m.25 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.1AI score
Exploits0References6
OSV
OSV
added 2021/07/16 6:15 p.m.3 views

ALPINE-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.3AI score0.03621EPSS
Exploits1References1
OSV
OSV
added 2021/07/16 6:15 p.m.3 views

DEBIAN-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.3AI score0.03621EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/07/16 6:15 p.m.58 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS7.2AI score0.03621EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2021/07/16 6:15 p.m.3 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS7.4AI score0.03621EPSS
Exploits1References9Affected Software1
Prion
Prion
added 2021/07/16 6:15 p.m.17 views

Remote code execution

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

6.8CVSS8.3AI score0.03621EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2021/07/16 6:15 p.m.6 views

UBUNTU-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS7.8AI score0.03621EPSS
Exploits1References8
CNNVD
CNNVD
added 2021/07/16 12:0 a.m.5 views

fail2ban 代码注入漏洞

fail2ban is a software application. Disable causes multiple hosts with authentication errors. fail2ban suffers from a code injection vulnerability that could lead to remote code execution. To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent b...

8.1CVSS8.1AI score0.03621EPSS
Exploits1References8
Cvelist
Cvelist
added 2021/07/16 12:0 a.m.30 views

CVE-2021-32749 Possible RCE vulnerability in mailing action using mailutils (mail-whois)

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

6.1CVSS8.7AI score0.03621EPSS
Exploits1References6
CVE
CVE
added 2021/07/16 12:0 a.m.182 views

CVE-2021-32749

CVE-2021-32749 affects fail2ban before fixed versions. A vulnerability in the mailing action mail-whois allows remote code execution if unescaped sequences (\n~) in foreign input (e.g., whois outputs) are processed by the mail command. Exploitation requires attacker-supplied input via MITM or com...

8.1CVSS7.5AI score0.03621EPSS
Exploits1References6Affected Software1
AlpineLinux
AlpineLinux
added 2021/07/16 12:0 a.m.28 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS7.7AI score0.03621EPSS
Exploits1
Debian CVE
Debian CVE
added 2021/07/16 12:0 a.m.59 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.5AI score0.03621EPSS
Exploits1
FreeBSD
FreeBSD
added 2021/07/16 12:0 a.m.35 views

fail2ban -- possible RCE vulnerability in mailing action using mailutils

Jakub Żoczek reports: Command mail from mailutils package used in mail actions like mail-whois can execute command if unescaped sequences \n are available in "foreign" input for instance in whois output...

8.1CVSS2AI score0.03621EPSS
Exploits1References1
Kitploit
Kitploit
added 2019/11/03 12:30 p.m.141 views

Fail2Ban - Daemon To Ban Hosts That Cause Multiple Authentication Errors

Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/16 1:54 p.m.159 views

JShielder v2.4 - Hardening Script For Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G

JSHielder is an Open Source Bash Script developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2018/04/13 12:41 p.m.27 views

JShielder - Automates The Process Of Installing All The Necessary Packages To Host A Web Application And Hardening A Linux Server

JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server wi...

8AI score
Exploits0References2
n0where
n0where
added 2017/03/20 6:43 a.m.122 views

Centralize or Distribute IPset Blacklists: vallumd

Centralize or Distribute IPset Blacklists If you maintain a server on the Internet, it’s very likely you encountered one or more brute force attacks. Not a problem, just install fail2ban. Done. But if you’re running multiple servers, each of them running their fail2ban instance, they’ll all have...

0.1AI score
Exploits0References1
n0where
n0where
added 2016/12/19 6:43 a.m.21 views

IT Threat GeoDashboard: Suspicious

IT Threat GeoDashboard Suspicious is a combination of Open Source software configured to give end users a view on IT threats over an interactive geographical dashboard. You’ll just need an Internet Browser to access the dashboard. This application has been build on a GNU/Linux environment and may...

0.4AI score
Exploits0References1
Kitploit
Kitploit
added 2016/01/18 9:33 p.m.27 views

JShielder - LAMP/LEMP Secure Deployment

JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little...

8AI score
Exploits0References4
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.22 views

Gentoo Security Advisory GLSA 201406-03

Gentoo Linux Local Security Checks GLSA 201406-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

5CVSS5AI score0.03235EPSS
Exploits1References1
Rows per page
Query Builder