Описание
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
Ссылки
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
5 Medium
CVSS2
Дефекты
Связанные уязвимости
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
DenyHosts 2.5 does not properly parse sshd log files, which allows rem ...
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS
5 Medium
CVSS2