Executive Summary
Summary | |
---|---|
Title | denyhosts regression update |
Information | |||
---|---|---|---|
Name | DSA-2826 | First vendor Publication | 2013-12-22 |
Vendor | Debian | Last vendor Modification | 2014-01-23 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
CVSS vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
CVSS vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
CVSS Base Score | 5 | Attack Range | Network |
CVSS Impact Score | 2.9 | Attack Complexity | Low |
CVSS Exploit Score | 10 | Authentication | None Required |
Detail
A regression has been found in the denyhosts packages that fixed CVE-2013-6890. This regression could cause a break-in attempt to be missed by denyhosts, which would then fail to enforce a ban. For the oldstable distribution (squeeze), this problem has been fixed in version 2.6-7+deb6u3. For the stable distribution (wheezy), this problem has been fixed in version 2.6-10+deb7u3. For the testing (jessie) and unstable (sid) distributions, the package denyhosts has been removed, and its users are encouraged to switch to an alternative such as fail2ban. We recommend that you upgrade your denyhosts packages. |
Original Source
Url : http://www.debian.org/security/2014/dsa-2826 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-287 | Improper Authentication |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21063 | |||
Oval ID: | oval:org.mitre.oval:def:21063 | ||
Title: | DSA-2826-1 denyhosts - Remote denial of ssh service | ||
Description: | Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute-force attacks in authentication logs could be exploited by a malicious user to forge crafted login names in order to make denyhosts ban arbitrary IP addresses. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2826-1 CVE-2013-6890 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | denyhosts |
Definition Id: oval:org.mitre.oval:def:28977 | |||
Oval ID: | oval:org.mitre.oval:def:28977 | ||
Title: | DSA-2826-2 -- denyhosts -- remote denial of ssh service | ||
Description: | Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute-force attacks in authentication logs could be exploited by a malicious user to forge crafted login names in order to make denyhosts ban arbitrary IP addresses. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2826-2 CVE-2013-6890 | Version: | 3 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | denyhosts |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 1 |
OS | | 3 |
OS | | 1 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-17067.nasl - Type : ACT_GATHER_INFO |
2015-01-06 | Name : The remote Fedora host is missing a security update. File : fedora_2014-17081.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-23.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2826.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:32:26 | |
2014-01-24 00:18:16 | |
2013-12-24 21:23:34 | |
2013-12-24 13:22:15 | |
2013-12-22 21:19:08 | |