Описание
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.6-2.1 |
| edgy | released | 2.5-3ubuntu0.1 |
| feisty | released | 2.6-1ubuntu0.1 |
| gutsy | released | 2.6-2.1 |
| upstream | needed |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
DenyHosts 2.6 does not properly parse sshd log files, which allows rem ...
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2