
20 matches found

EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2021-19521

Malware in sbrugna...

CVSS 8.1 | AI score 7.9 | EPSS 0.03621
Exploits: 1 | References: 11

Tenable Nessus
added 2023/10/19 12:0 a.m. | 19 views

GLSA-202310-13 : GNU Mailutils: unexpected processing of escape sequences

The remote host is affected by the vulnerability described in GLSA-202310-13 GNU Mailutils: unexpected processing of escape sequences - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, ther...

CVSS 8.1 | AI score 8.1 | EPSS 0.03621
Exploits: 1 | References: 3

Tenable Nessus
added 2023/10/16 12:0 a.m. | 62 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Fail2ban vulnerability (USN-5232-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5232-1 advisory. Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain...

CVSS 8.1 | AI score 7.8 | EPSS 0.03621
Exploits: 1 | References: 2

SUSE CVE
added 2023/02/15 3:40 a.m. | 3 views

SUSE CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 6.1 | AI score 8.4 | EPSS 0.03621
Exploits: 1 | References: 4

OSV
added 2022/09/12 7:45 a.m. | 4 views

USN-5232-1 fail2ban vulnerability

Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like 'mail-whois' on a target system, a remote attacker who was able to control whois responses to this target system could possibly execute...

CVSS 8.1 | AI score 7.5 | EPSS 0.03621
Exploits: 1 | References: 2

OSV
added 2021/10/06 7:41 p.m. | 11 views

MGASA-2021-0464 Updated fail2ban packages fix security vulnerability

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 8.3 | EPSS 0.03621
Exploits: 1 | References: 5

Tenable Nessus
added 2021/09/17 12:0 a.m. | 59 views

openSUSE 15 Security Update : fail2ban (openSUSE-SU-2021:1274-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1274-1 advisory. - fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 throug...

CVSS 8.1 | AI score 8.1 | EPSS 0.03621
Exploits: 1 | References: 7

BDU FSTEC
added 2021/08/05 12:0 a.m. | 4 views

A vulnerability in the fail2ban software, related to errors in the checking function, allows an attacker to execute arbitrary code.

The vulnerability of the fail2ban software is related to errors in the mail-whois function’s validation process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

CVSS 10 | AI score 8 | EPSS 0.03621
Exploits: 1 | References: 8 | Affected Software: 3

Veracode
added 2021/07/19 12:16 a.m. | 23 views

Remote Code Execution

fail2ban is vulnerable to remote code execution. The mail command from the mailutils package, used in mail actions like mail-whois, can execute commands, which allows an attacker to execute arbitrary commands due to unescaped sequences \n in foreign input...

CVSS 8.1 | AI score 5.3 | EPSS 0.03621
Exploits: 1 | References: 9 | Affected Software: 1

NVD
added 2021/07/16 6:15 p.m. | 15 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | EPSS 0.03621
Exploits: 1 | References: 6

OSV
added 2021/07/16 6:15 p.m. | 2 views

ALPINE-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 8.3 | EPSS 0.03621
Exploits: 1 | References: 1

OSV
added 2021/07/16 6:15 p.m. | 1 views

DEBIAN-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 8.3 | EPSS 0.03621
Exploits: 1 | References: 1

OSV
added 2021/07/16 6:15 p.m. | 23 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 8.1
Exploits: 0 | References: 6

UbuntuCve
added 2021/07/16 6:15 p.m. | 56 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 7.2 | EPSS 0.03621
Exploits: 1 | References: 7

Prion
added 2021/07/16 6:15 p.m. | 14 views

Remote code execution

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 6.8 | AI score 8.3 | EPSS 0.03621
Exploits: 1 | References: 6 | Affected Software: 2

OSV
added 2021/07/16 6:15 p.m. | 2 views

UBUNTU-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 7.8 | EPSS 0.03621
Exploits: 1 | References: 8

Cvelist
added 2021/07/16 12:0 a.m. | 25 views

CVE-2021-32749 Possible RCE vulnerability in mailing action using mailutils (mail-whois)

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 6.1 | AI score 8.7 | EPSS 0.03621
Exploits: 1 | References: 6

CVE
added 2021/07/16 12:0 a.m. | 180 views

CVE-2021-32749

CVE-2021-32749 affects fail2ban before fixed versions. A vulnerability in the mailing action mail-whois allows remote code execution if unescaped sequences (\n~) in foreign input (e.g., whois outputs) are processed by the mail command. Exploitation requires attacker-supplied input via MITM or com...

CVSS 8.1 | AI score 7.5 | EPSS 0.03621
Exploits: 1 | References: 6 | Affected Software: 1

Debian CVE
added 2021/07/16 12:0 a.m. | 43 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 8.5 | EPSS 0.03621
Exploits: 1

AlpineLinux
added 2021/07/16 12:0 a.m. | 27 views

CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

CVSS 8.1 | AI score 7.7 | EPSS 0.03621
Exploits: 1