exploitDog

GHSA-5jfx-9p58-q8pj

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

Ссылки

EPSS

Процентиль: 93%

0.11824

Средний

CVE ID

Связанные уязвимости

CVE-2007-4321

ubuntu

около 18 лет назад

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

CVE-2007-4321

nvd

около 18 лет назад

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

CVE-2007-4321

debian

около 18 лет назад

fail2ban 0.8 and earlier does not properly parse sshd log files, which ...

EPSS

Процентиль: 93%

0.11824

Средний

CVE ID