2 matches found
Debian DLA-21-1 : fail2ban security update
Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch as of 0.8.13-29-g09b2016 : - CVE-2013-7176: postfix.conf - anchored on the front, expects 'postfix/smtpd' prefix in the log line - CVE-2013-7177: cyrus-imap.conf - anchored on the...
UBUNTU-CVE-2013-1427
The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP...