2 matches found
CVE-2007-4321
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol versi...
CVE-2006-6301
CVE-2006-6301 affects DenyHosts 2.5, which mishandles sshd log parsing. An attacker can remotely cause denial of service by injecting arbitrary IP addresses into /etc/hosts.deny through crafted log content, exploiting an inadequate regular expression to parse SSH login attempts. The vulnerability...